I know this has been covered in various bits and pieces elsewhere, and my head is spinning from reviewing them all.
I'm wondering if anyone has a definitive view on the best mod_security implementation for cPanel. Each option seems to have various drawbacks:
1) ASL handles it for you and has the famous gotroot rules, but ASL can be problematic on some servers.
2) ASL-Lite gives you the same rules, but can be hard to configure properly with cPanel.
3) The free gotroot rules have obvious limitations.
4) cPanel's own default rules seem ineffective.
5) ???
Can anyone recommend the best way to implement mod_security securely on a cPanel without jumping through hoops and possibly causing issues on the server?
Thanks,
Mark
I'm wondering if anyone has a definitive view on the best mod_security implementation for cPanel. Each option seems to have various drawbacks:
1) ASL handles it for you and has the famous gotroot rules, but ASL can be problematic on some servers.
2) ASL-Lite gives you the same rules, but can be hard to configure properly with cPanel.
3) The free gotroot rules have obvious limitations.
4) cPanel's own default rules seem ineffective.
5) ???
Can anyone recommend the best way to implement mod_security securely on a cPanel without jumping through hoops and possibly causing issues on the server?
Thanks,
Mark