The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

which is better to have mod sec or mod uid

Discussion in 'Security' started by keat63, Feb 16, 2015.

  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Last week i updated to 11.48 and applied ModSec with OWASP, but i see that it has some incompatibility with ModRuid2.
    What's better to have, OWASP, ModRuid2 or both and live the the incompatibility.
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    I would generally say ModSecurity is most important as long as you have some form of symlink patch (Even the race condition protection in EA is "good enough")

    Most ModSecurity rules work OK with RUID2, just some that use collections will have some issues. For the most part the Atomicorp rules should be compatible.

    If I absolutely had to choose between RUID2 or ModSecurity, I'd ditch RUID2 in a heartbeat.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    both
    works fine mod ruid2 & security running got root & comodo waf for the collections issue we just run a cron to clear the stale files
     
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have both, but MOdRuid2 is causing a few issues with Owasp ModSec.
    If there's no distinct advantage to ModSec over Ruid2 then i'll keep both.
     
  6. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    RUID2 prevents cross-account compromise, which SuPHP + symlink race condition protection does as well. RUID2 provides no protections for an individual account getting hacked though; that is what ModSecurity is for.
     
Loading...

Share This Page