modsecurity question

durangod

• July 28, 2014 07:14

I was reading this [url=http://docs.cpanel.net/twiki/bin/view/AllDocumentation/EasyapacheModsecurity]EasyApache mod_security Module and i can see where the OWASP table is reserved. I downloaded the new version owasp from here 2.2.9-5

• 

  Shavaun

  • July 28, 2014 13:43

  cPanel & WHM does not currently install with anything besides very very basic Mod Security rules. You can find our up to date documentation on Mod Security here:

  0
• 

  durangod

  • July 28, 2014 14:11

  Thanks so much, the default is good for now as a base just until im ready to do more right. The default is safe enough and generic enough to start with right?

  0
• 

  Shavaun

  • July 28, 2014 15:56

  The 'default' rules that we provide with ModSecurity are *very* basic and will not provide significant protection if someone attempts to attack your server. There are other methods of security, you'll have to pick the best ones for your circumstance and server configuration. In general, I would recommend having rules in addition to the default ones. You may find more information from OWASP or any of the other groups that provide ModSecurity rules.

  0
• 

  durangod

  • July 28, 2014 16:10

  ok thanks, i am running config server firewall also.. I just needed a starting point is all.. Basic is ok with me until i am able to add more rules. thanks so much :)

  0

Please sign in to leave a comment.