The Community Forums


mod_security Ruleset comparisons

Discussion in 'Security' started by mobcdi, Jun 14, 2012.

  1. mobcdi

    What are cPanel admins' opinions of the various rulesets available for mod_security, and how well do they work on cPanel hostings 11.32 and up?

    Which rulesets offer better integration into cPanel?
    Is it possible to automatically have the latest rulesets applied?
    Are there any caveats for using particular rule sets?
    Besides gotroot and OWASP ModSecurity Core Rule Set, are there other rule sets users would recommend?
     
  2. rligg

    I would like someone to chime in as well. The default rules are not enough.
     
  3. mtindor

    Default rules are definitely not enough. I would recommend the AtomiCorp: Security for Everyone - Atomic Security rules -- specifically the ones you pay for. But if you must, the 90-day delayed ones are good too.

    An ASL-Lite subscription is good -- but, I might recommend that you first set things up manually [per the instructions in their wiki] and get used to dealing with the rules before you use their automated installer.

    The atomicorp.com ruleset is the only one I'd recommend for cPanel servers. If you follow the directions [and don't activate every ruleset].

    Just keep in mind that with any ruleset meant to really protect your server, you are going to have some maintenance chores -- manually adding exceptions for certain users' websites, etc. There will be "false positives."

    Just my $0.002. I can't instruct you on the how-tos of installing / updating. All of that information is contained in the atomicorp.com wiki. Read all of the documentation thoroughly before you do anything.

    M
     