which is better to have mod sec or mod uid
Last week i updated to 11.48 and applied ModSec with OWASP, but i see that it has some incompatibility with ModRuid2.
What's better to have, OWASP, ModRuid2 or both and live the the incompatibility.
-
I would generally say ModSecurity is most important as long as you have some form of symlink patch (Even the race condition protection in EA is "good enough") Most ModSecurity rules work OK with RUID2, just some that use collections will have some issues. For the most part the Atomicorp rules should be compatible. If I absolutely had to choose between RUID2 or ModSecurity, I'd ditch RUID2 in a heartbeat. 0 -
Hello :) Note that if you choose to not use Mod_Ruid2, the following document lists alternatives for symlink race condition protection: Symlink Race Condition Protection Thank you. 0 -
both works fine mod ruid2 & security running got root & comodo waf for the collections issue we just run a cron to clear the stale files 0 -
I have both, but MOdRuid2 is causing a few issues with Owasp ModSec. If there's no distinct advantage to ModSec over Ruid2 then i'll keep both. 0 -
RUID2 prevents cross-account compromise, which SuPHP + symlink race condition protection does as well. RUID2 provides no protections for an individual account getting hacked though; that is what ModSecurity is for. 0
Please sign in to leave a comment.
Comments
5 comments