mod_sec with httpd-guardian
Anybody have experience getting mod_sec to play nicely with http-guardian? There is a box in mod_sec configuration in which a user enters their path to http-guarding, which I've done. However, the instructions in the package are a bit confusing. It says you need to activate or install something called "spread" which is the transport for the data from the install to the perl modules for processing.
I don't want to fiddle with my Centos 6.9 whm/cpanel server without knowing more about installing this.
Any help much appreciated.
-
Hello, I've not seen any reports from cPanel & WHM administrators regarding the use of this feature. I've moved this thread to our Security forum so that others that may have utilized this feature can offer their insight. Thank you. 0 -
Thanks where is the link to that forum? The very annoying thing is CPanel/WHM support say seek out advise from mod_sec forums and advisors, and the mod_sec people say seek out advise from CPanel/WHM. And of cousre the most annoying thing is that the developer of the scripts who advises people to contact him with his email embedded in the scripts, does not respond to queries. So there you have it - tech in the 21st. century. 0 -
Sure, appreciate the offer. I kind of liked the apache-tools set of tools for blocking on the firewall level, bots and such. Particularly HTTP-authenticaion failures of which I receive many. The httpd-guardian was attractive but I'm not wedded to it. Does mod_sec have a method to ban - on the firewall level - these types of incursions? Not deny, but block on the firewall. 0 -
Does mod_sec have a method to ban - on the firewall level - these types of incursions?
You could use CSF/LFD. See this post: Thank you.0
Please sign in to leave a comment.
Comments
5 comments