quizknows
- Total activity 1324
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 499
Activity overview
Latest activity by quizknows-
quizknows created a post,
A Guide to ModSecurity in 2018, for administrators
I have worked in web hosting for nearly 10 years. If you know me, please, now is not the time :) I have found some good community works which help for monitoring ModSec attacks in a live and manag...
-
quizknows commented,
That would work to block either/or, but I believe the whole point here was to drop requests that had both of those in the same query string. Your proposed rule would block any request containing ei...
-
quizknows commented,
There is a mistake in my previous post, I cannot seem to edit. Modsec uses the command "chain" as an "AND", not "OR". It is used so a request must match both lines of a chained rule (or every line...
-
quizknows commented,
For what it's worth you should be able to do it quickly and easily with modsecurity. This helps a lot especially if you use CSF/LFD. Modsec's AND operator (basically) is "chain". I would personal...
-
quizknows commented,
Last script just looks to lock the passwords for those unused users (or perhaps used, but should never be logged into directly), likely for security reasons. -l, --lock Lock the...
-
quizknows commented,
With it being a normal user ID running the process, I wouldn't worry too much about root at least yet. These things though are hard to find when they're not ongoing. I would thoroughly examine the...
-
quizknows commented,
The public_html directory should be 750 and is not intended to be changed. Setting 555 would make your public_html directories readable across account, which is a nightmare security wise especially...
-
quizknows commented,
Have you considered using ModSecurity's connections engine? you can limit simultaneous read/write connection states per IP. Reference Manual " SpiderLabs/ModSecurity Wiki " GitHub Reference Manua...
-
quizknows commented,
If the settings are in your systcl config files themselves, "sysctl -p $file" should commit them. if that is failing or is not persistent across reboots, try moving the settings to /etc/sysctl.conf...
-
quizknows commented,
Ok, Good :) In that case you may need to wait for cpanel staff or open a ticket. With that said, If you don't get errors committing those sysctl parameters your server is probably OK.