The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_sec rules

Discussion in 'Security' started by tiff2342, Sep 2, 2012.

  1. tiff2342

    tiff2342 Well-Known Member

    Joined:
    Apr 20, 2012
    Messages:
    140
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    where can i find good sets. not big massive ones that slow your server down and break stuff. i need clean and simple ones to block all the common attacks.
     
  2. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
    Did you try the atomic rules ?
     
  3. Eric

    Eric Administrator
    Staff Member

    Joined:
    Nov 25, 2007
    Messages:
    746
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
  4. tiff2342

    tiff2342 Well-Known Member

    Joined:
    Apr 20, 2012
    Messages:
    140
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    way too many...... too much chance of issues on a shared host
     
  5. sahostking

    sahostking Well-Known Member

    Joined:
    May 15, 2012
    Messages:
    299
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Cape Town, South Africa
    cPanel Access Level:
    Root Administrator
    Why not start off it though, not much issues really:
    Atomicorp Wiki

    Seems to work fine for me. Never had issues as yet

    - - - Updated - - -

    This also doesn't seem to bad. Found quite a few posts around this aswell on the net and cpanel forums:
    https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
     
  6. srpurdy

    srpurdy Well-Known Member

    Joined:
    Jun 1, 2011
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Same here. I use atomic rules on a shared server. Occasional false/postive, but really any ruleset is likely to cause a false/postive at some point. The difference is at least your protected against much more!

    It's like deciding wither to leave your keys for your house in the keyhole. or take them with you when you leave. :| The thing the thief doesn't know is you have a giant flamethrower rigged on the otherside of the door. Yet you decided to put a window in your front door. To each his own I guess. I just don't think security is something to be lazy about specially on a shared server.
     
  7. tecsys

    tecsys Member

    Joined:
    Sep 9, 2012
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nashik.India
    cPanel Access Level:
    Root Administrator
    I would go with gotroot rules. They protect you on most of the stuff. However, there is bound to be a false positive on any rule sets.
     
Loading...

Share This Page