The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server Firewalls . . . Is One Enough?

Discussion in 'Security' started by jerdoggmckoy, Jun 20, 2013.

  1. jerdoggmckoy

    jerdoggmckoy Active Member

    Joined:
    Jun 3, 2013
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    St Paul, MN
    cPanel Access Level:
    Root Administrator
    I already have ConfigServer Security & Firewall installed, should I also have Mod Security Installed as well?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, utilizing Mod_Security can help protect against web application attacks. You can enable Mod_Security through EasyApache. Our documentation on it is available at:

    cPanel - Mod_Security

    Thank you.
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
  4. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
    You can also install ConfigServer ModSecurity Control .
     
  5. faisikhan

    faisikhan Well-Known Member

    Joined:
    Dec 12, 2011
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Islamabad, Pakistan
    cPanel Access Level:
    Root Administrator
    Well I'd also like to strongly recommend that but Mod_Security is also a great choice.
     
  6. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Maybe it's good to point out that ModSecurity is a web application firewall, and ConfigServer ModSecurity Control is a tool to control and configure ModSecurity.
    If ModSecurity is not installed, then ConfigServer ModSecurity Control is totally useless.
     
  7. jerdoggmckoy

    jerdoggmckoy Active Member

    Joined:
    Jun 3, 2013
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    St Paul, MN
    cPanel Access Level:
    Root Administrator
    Thanks for the help all! I did realize that, I installed ModSecurity first, and then added the ConfigServer ModSecurity Control.
     
  8. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Note that mod_security is not a firewall. It is an Apache module intended to increase the security of Web sites. It is not the same, and does not have the same intended purpose, as an actual firewall.

    Also note that the iptables firewall is built into the Linux kernel and is present on all modern Linux systems. CSF is just a front-end for configuring it. iptables syntax can be very complex, so Web-based configuration tools like CSF are very popular for putting a user-friendly interface on it. What CSF is really doing, though, is configuring the iptables firewall that is built into the Linux kernel.
     
  9. jerdoggmckoy

    jerdoggmckoy Active Member

    Joined:
    Jun 3, 2013
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    St Paul, MN
    cPanel Access Level:
    Root Administrator
  10. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    The value of ConfigServer ModSecurity Control is that it allows you to quickly turn mod_security off for testing issues and also allows you to bypass specific rules on a server wide basis or on an account specific basis. Both are very helpful.

    Also it gives you a good way to access the mod_security log.
     
Loading...

Share This Page