-
10-23-2013, 04:57 PM #1Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
AtomiCorp withdraw delayed modsecurity rules
Effective today, without notice (as far as I have gathered, anyway), AtomiCorp have withdrawn their free delayed ruleset.
Additions and improvements made to the Atomicorp Realtime Modsecurity rule set have resulted in the Atomicorp Realtime Rule Set and the delayed rule set diverging over time.
I'd guess, then, that their reason is commercial. Not enough people are paying for the commercial ruleset, so they're withdrawing the free option.
The irony is that this points in the opposite direction to the statement on their website. Their statement says that the realtime rules are so much better than the delayed ones that it no longer makes sense to offer the delayed ones. If people aren't paying for the realtime rules, that must mean that the realtime rules are not better enough for people to choose to pay for them.
Anyone know any more?
Not as active on WHT as I used to be, but still drop in and receive email notifications from here.
My personal blog site: https://www.oakleys.org.uk/blog
-
10-23-2013, 05:02 PM #2Web Hosting Master
- Join Date
- Sep 2010
- Location
- /usr/bin/fail
- Posts
- 859
Looks like it's true.
From the wiki..
Free/Delayed Rules: A subset of the realtime rules, which were based on older version. This project was discontinued in October 2013.
https://www.atomicorp.com/wiki/index...bout_the_rules
-
10-23-2013, 05:08 PM #3Digital Marketing Strategist
- Join Date
- Dec 2011
- Location
- Germany
- Posts
- 1,180
That's really bad news. The delayed rules were perfect for securing mediocre sensitive web applications.
➤ Inbound Marketing & real SEO for web hosting providers
✎ Get in touch with me: co<at>infinitnet.de
-
10-23-2013, 05:09 PM #4Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
It's true alright - I got it from https://www6.atomicorp.com/channels/rules/delayed/
-
10-23-2013, 05:10 PM #5Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
Anyone know how the OWASP rules compare (in effectively blocking malicious traffic without excessive false positives) to the (former) ASL delayed ruleset?
-
10-23-2013, 05:46 PM #6Quality Web Hosting Matters
- Join Date
- Mar 2006
- Location
- Servers
- Posts
- 1,590
█ QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
█ Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
█ Italy, France, Germany, Netherlands, Switzerland, Russia, Singapore | OpenVPN/PPTP Enabled
█ INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard
-
10-23-2013, 06:00 PM #7Web Hosting Master
- Join Date
- Sep 2013
- Location
- Canada
- Posts
- 656
Yeah would like to know about OWASP rules also. We are running on Atomic paid rules atm.
Hostabulous 🔗 cPanel (Cloudlinux) & Plesk (Windows DC 2016) Hosting 🔗 R1Soft CDP backups
No Gimmicks 🍁 Proudly Canadian
-
10-23-2013, 06:03 PM #8Digital Marketing Strategist
- Join Date
- Dec 2011
- Location
- Germany
- Posts
- 1,180
The OWASP rules are less extensive and I had way more false positives with them. I rather recommend to continue using the delayed ones, even if they're discontinued, and eventually switch to the paid ASL ruleset.
That's why I said only to protect mediocre sensitive information. And besides, not every exploit needs a specific rule - there are a lot of generic rules/patterns, which can block all kinds of MySQL injections for instance. For example, the delayed rules blocked every single one of the latest WHMCS exploits and therefore your statement isn't completely correct.
Last edited by Infinitnet; 10-23-2013 at 06:10 PM.
-
10-23-2013, 09:30 PM #9Web Hosting Master
- Join Date
- Jun 2006
- Location
- Calgary, Alberta
- Posts
- 688
Good thing I subscribed to the daily rules from ASL last week!
Never really had any issues with the delayed rules, just figured I'd play it safe and get the daily's for the "oh my they did what" moments.
Small price to pay for another added layer of peace of mind!
-
10-23-2013, 09:55 PM #10Web Hosting Master
- Join Date
- Apr 2002
- Posts
- 1,789
This is unfortunate. I wonder what someone with a lot of servers is supposed to do. Say you have 100 servers, that's $1495/mo extra expense for those servers.
Wondering if there is another entity that will come out and provide a free or considerably less expensive option.
-
10-24-2013, 02:36 AM #11Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
If you have that many servers, I'd be talking to them about a discount; surely they can manage something...
If this comes with a drop in the pricing of the paid rules, I'd understand it.
(Personally I subscribe to the paid rules, think it's worth it, but then I don't have 100 servers!)
-
10-24-2013, 02:54 AM #12Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
The announcement I linked to (see post #4 above) says
For users of the delayed rule set, to ease the transition to the real time rule set or ASL, we do offer bulk quantity discounts.
-
10-24-2013, 08:08 AM #13Junior Guru Wannabe
- Join Date
- Jun 2008
- Location
- Canada
- Posts
- 50
Only issue I have with AtomiCorp, is the sign up process.
Their password requirements aren't secure... Not allowed to have any special characters in the password field... Sure, it has to be 10 chars long. But really? No special characters! Disappointed with that.
24hrs Server Support || 30 Days Money Back || 99.99% Uptime
Web hosting for the advanced client!
www.TheWebHosters.Net - PayPal accepted!!
-
10-24-2013, 08:18 AM #14Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca
www.HostingSecList.com - Security Notices for the Hosting Community.
-
10-24-2013, 08:27 AM #15Junior Guru Wannabe
- Join Date
- Jun 2008
- Location
- Canada
- Posts
- 50
Yes. There is another bank here that has poor password requirements: CIBC. The only comfort I have with them is that when you log in from another device or a location that you haven't logged in from before, they ask you one of your secret questions.
But still, everyone should be allowing special questions and very, very long passwords. Of course, two-factor auth would be nice as well. Living a dream I guess haha
-
10-24-2013, 08:54 AM #16Aspiring Evangelist
- Join Date
- Jun 2009
- Location
- /
- Posts
- 370
We will become more vulnerable
BD Web Services Since 2009
cPanel and Plesk | CloudLinux | Node.JS | SSD Server | Daily Remote Backup | North America and Europe | Money Back Guarantee
USA | Canada | Germany
-
10-24-2013, 09:13 AM #17Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
Not necessarily.
A lot of the older (delayed) rules contain plenty of generic protection for most vulnerabilities - especially SQLi and LFI/RFI type attacks. Like 90% of the Atomic rules were application specific for all kinds of random stuff that most people don't even use.
-
10-24-2013, 09:22 AM #18Aspiring Evangelist
- Join Date
- Jun 2009
- Location
- /
- Posts
- 370
I think cPanel Inc. can make a partnership with AtomiCorp, and cPanel Inc. can charge extra ($1/$2) for this, and this is a WIN/WIN situation.
-
10-24-2013, 09:24 AM #19Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
Really? If cPanel charged an extra $1 for Atomicorp's live ruleset, they'd pass on some of that (retaining a profit / brokerage fee) first. So Atomicorp get $0.50 because someone subscribed, instead of the $15 they charge directly.
It's not going to happen.
-
10-24-2013, 03:12 PM #20Retired Moderator
- Join Date
- Sep 2000
- Location
- New York/USA
- Posts
- 1,691
Can't you technically pay for the rules for 1 server, then copy over the conf's to the other server (or even shared with others)? I don't condone this but it sounds possible for those who are balking at the sunsetting of the free rules.
-
10-24-2013, 03:15 PM #21Digital Marketing Strategist
- Join Date
- Dec 2011
- Location
- Germany
- Posts
- 1,180
Last edited by Infinitnet; 10-24-2013 at 03:18 PM.
-
10-24-2013, 08:26 PM #22Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
-
10-28-2013, 05:24 PM #23Newbie
- Join Date
- Oct 2013
- Posts
- 24
Hello,
Does anyone have the latest modsec rules zip file? It will be useful until I decide about an alternative.
-
10-28-2013, 05:52 PM #24Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
Did the license to download the free (delayed) rules include permission to mirror / redistribute them, or did others who want them have to obtain them directly from AtomiCorp?
-
10-28-2013, 06:14 PM #25Web Hosting Master
- Join Date
- Sep 2010
- Location
- /usr/bin/fail
- Posts
- 859
I looked all over the site and could not find anything...
Then I looked in the file...
# Distribution of this work or derivative of this work in any form is
# prohibited unless prior written permission is obtained from the
# copyright holder.
So I took the file down.