
Atomicorp no longer provides a free delayed version of its ModSecurity Rule set

Discussion in 'Security' started by sawbuck, Oct 23, 2013.

  1. sawbuck

    sawbuck Well-Known Member

  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

  3. quizknows

    quizknows Well-Known Member

    The OWASP rules are nice, but several of them cause TONS of false positives with most popular CMS software. By default they are very aggressive. I'd only recommend using the OWASP rules if you have an in-depth knowledge of white-listing, and have the ability and patience to fine-tune your own rule set.

    If you're going to pay for ModSecurity rules though, the Atomicorp rules are definitely worth it. As are the Trustwave live updated rules. As far as good free rulesets go, with Atomicorp pulling the plug (so to speak) I'm not aware of any other good options other than implementing the OWASP rules and being prepared to fine-tune them for your applications/users.
     
  4. jimlongo

    jimlongo Well-Known Member

    That's not good news.

    I guess there must be so many users of the free rules that Atomic feels they are losing a lot of income.

    They should have done some marketing research.
    Since they are removing this facility I'm sure it's going to make a lot of people (like me) feel burned. Maybe that's not a rational response, but I think this is human nature.

    Right now I feel more inclined to purchase Trustwave's product at the same price.

    Since cPanel already has some relationship with Trustwave (purchase of SSL from within WHM) I'd suggest it would be nice if there was some kind of partnership with Trustwave for WAF rules.

    And a partner discount would be extra nice. :D
     
  5. sawbuck

    sawbuck Well-Known Member

    Agree. And without any prior notice at that.

    I'm seeing their pricing at $200 per server. Do you have other information?

    +1 for that idea
     
  6. quizknows

    quizknows Well-Known Member

    A partnership for the Trustwave rules would be amazing. Seeing as they actually maintain ModSecurity itself, their ruleset is quite impressive. They often add patches for things like new WordPress hacks within a day.
     
  7. jimlongo

    jimlongo Well-Known Member

    Sorry, I was confused by the pricing - I believe the correct information is . . .
    Atomic Rules - $100
    Atomic Secured Linux - $200
    Trustwave Rules - $200

    So I guess the value proposition is do Trustwave Rules compete with ASL.



    Question for both rulesets:
    How are updates delivered?
     
    #7 jimlongo, Oct 25, 2013
    Last edited: Oct 25, 2013
  8. quizknows

    quizknows Well-Known Member

    I don't know how Atomic delivers updates. With Trustwave they give you an access key, and you can cron an update to download the new rules nightly with curl or wget.

    Like I said before, Trustwave actually maintains ModSecurity itself, so I'd think their rules are comparable to the ASL rules. Both are very good rule sets though. I've installed the Trustwave rules for customers before and they looked pretty solid.
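
One way to run the nightly curl download described in the post above so that a failed or expired-key download cannot break Apache, as an added example that is not part of the thread or any vendor's script. The file paths, the single-file rules download and the curl config file holding the vendor URL and access key are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread or a vendor. All paths are hypothetical.

# looks_like_rules FILE: succeed only if FILE plausibly holds ModSecurity rules.
looks_like_rules() {
    [ -s "$1" ] || return 1                      # empty or missing download
    # A bad key or outage can return an HTML error page instead of rules.
    if head -n 5 "$1" | grep -qiE '^[[:space:]]*<(!doctype|html)'; then
        return 1
    fi
    grep -qE '^[[:space:]]*Sec(Rule|Action|Marker)[[:space:]]' "$1"
}

# install_rules STAGED LIVE [CHECK_CMD]
# Returns 0 on success, 1 if STAGED was rejected, 2 if CHECK_CMD failed and
# the previous LIVE file was restored.
install_rules() {
    staged=$1 live=$2 check=${3:-true}
    looks_like_rules "$staged" || { echo "rejected: $staged" >&2; return 1; }
    if [ -f "$live" ]; then cp -p "$live" "$live.bak" || return 1; fi
    # Copy next to the target, then rename: the swap itself is atomic.
    cp "$staged" "$live.new" && mv -f "$live.new" "$live" || return 1
    if ! $check; then                            # e.g. "apachectl -t"
        echo "config test failed, restoring previous rules" >&2
        if [ -f "$live.bak" ]; then mv -f "$live.bak" "$live"; else rm -f "$live"; fi
        return 2
    fi
}

# nightly_update: what the cron job calls. The curl config file (root-only,
# mode 600) holds the vendor's download URL and access key, so neither shows
# up in the process list or the crontab.
nightly_update() {
    tmp=$(mktemp) || return 1
    curl -fsS --max-time 120 -K /root/.modsec-rules.curlrc -o "$tmp" \
        && install_rules "$tmp" /etc/httpd/conf.d/vendor_rules.conf "apachectl -t" \
        && apachectl graceful
    rc=$?
    rm -f "$tmp"
    return $rc
}

if [ "${RUN_UPDATE:-0}" = 1 ]; then nightly_update; fi
```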
     
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

  10. lbeachmike

    lbeachmike Well-Known Member

    Greed is an amazing thing to me. I'm sure these guys were doing fine. I guess they don't really care about the security of the web - why care when you can profit more by not caring? They didn't really consider that there are many small fish out there who might not have the budget to buy a paid ruleset.

    Due to the lack of any prior notice by GotRoot, I'd personally rather give my money to Trustwave.
     
  11. Secmas

    Secmas Well-Known Member

    Re: ModSecurity Auto Updater

    ASL Free rules, good bye!

    ASL has decided to get rid of the delayed free rules, you can read the info at:

    http://updates.atomicorp.com/channels/rules/delayed/

    We will miss this contribution to the community.

    Just want to say thank you, as I have used them and they will be missed.
     
  12. mtindor

    mtindor Well-Known Member

    I understand it may be difficult for a lot of admins to move on to a non-free ruleset (Atomicorp or other) or simply use what is currently available from the delayed rules knowing that it will no longer be updated. But your attitude really sucks.

    Why in the world is it Atomicorp's job to provide a free service to the community? It isn't, plain and simple -- and it never has been. They've been very gracious. There are some other companies out there who are equally gracious, providing something for free that we really all should be paying for.

    I have no idea what Atomicorp's current motivation is, and I have no clue what their original motivation was to provide free rules in the first place. The bottom line is that I'm grateful to them for providing such a comprehensive ruleset. Sure, many of the rules are specific to outdated applications that shouldn't exist on a server in this day and age, but the fact is those outdated applications do still exist in large quantities. I'm quite confident in saying that their rulesets (free or subscription based) have saved the asses of countless admins / companies over the years, including mine I'm sure.

    I currently use the subscription-based rules on any servers that I manage for clients. $99 a pop isn't cheap by any stretch, but it's an absolute bargain when one considers the alternative. For each and every mess I didn't have to clean up because the rules blocked something, I've saved more than that in time and sanity.

    I'm glad they are going to remain in business providing subscription-based rulesets, and I wish them well with whatever plans they have in the future.

    Mike
     
  13. WhiteDog

    WhiteDog Well-Known Member

    I am facing a similar problem and decided to revert towards the Trustwave Paid Ruleset. I am also working on a free cPanel/WHM plugin to download, install and manage the Trustwave ruleset. If anyone is using them and is interested to try this plugin just send me a DM.
     
  14. Tom Risager

    Tom Risager Well-Known Member

    The paid Atomicorp rules work quite well. The main issue I'm having is that they won't provide a download script; they would much rather have you purchase the complete ASL product, which includes automatic downloads. So you need to write your own download script (or install by hand).
     
  15. WhiteDog

    WhiteDog Well-Known Member

    I'm doing a free and independent plugin for the Trustwave Rules (see screenshot) that manages this for you and more. I get great support from Trustwave on this as well. I hope to have this out in a week or so. If anyone is using cPanel and Trustwave, feel free to contact me and I'll send you the install instructions :)
     


  16. mtindor

    mtindor Well-Known Member

    Tom,

    Check into / ask them about the 'asl-lite'. I update all of my clients' hosting servers manually. However, I have a couple [non shared hosting, single site] machines that I run asl-lite on. Once it is installed I simply run:

    asl-lite -ck (to check for updates)
    asl-lite -u (to update)

    The asl-lite utility can update more than just modsec rules, but modsec rules are the only thing I purchase from Atomicorp and thus that's the only thing that gets updated when I run asl-lite.

    Why haven't I used asl-lite on hosting servers? I'm sure. Laziness maybe. Or perhaps I didn't want to find out that there would be some issue that I would have to troubleshoot on cPanel hosting servers. So I didn't bother to install it.

    I'm not even sure if asl-lite is still available. The version I have references old URLs when it tries to update, and I had to work around that by adding manual entries in my /etc/hosts file so that the URL that asl-lite called for updates actually pulled content from the correct Atomicorp servers.

    At any rate, you might want to ask them about asl-lite if you already have a paid subscription.

    Mike
     
  17. markb14391

    markb14391 Well-Known Member

  18. lostinspace

    lostinspace Well-Known Member

  19. markb14391

    markb14391 Well-Known Member

    Has anyone here used the Comodo rules successfully? I have heard that they have some issues. Someone else also mentioned that they only seem to be the core rules, not actually Comodo's own creation.
     
  20. lbeachmike

    lbeachmike Well-Known Member

    Sounded like there had to be a catch. Sounds to me like they want to get you using their plug-in and then sell you additional services.

    Has anybody tried the plug-in yet?
     