var sidebar_align = 'right';
var content_container_margin = parseInt('350px');
var sidebar_width = parseInt('330px');
I'm running Apache 2.2.11 with Direct Admin and PHP 5.
I am obviously running shared hosting sites and am looking into increasing security.
Currently, I do not have mod_security because when I first got the server I installed it and noticed that it was not working correctly and rejecting valid requests.
I'm wondering if I should be running it and if so, what would be a way to configure it so that users don't experience any problems but at the same time I'm protecting the server?
Yes... I originally followed the installation instructions. I'm not ready to install just yet, I'm trying to get more information first:
1. SHOULD I use it. I realize that this question is subjective but what is the consensus?
2. IF I use it, what is the best way to configure so that I maintain a fair to good level of security without causing a lot of problems with my users.
I'm really looking for opinions here. I don't really understand all of the options available in Mod_Security so I thought it be best to ask here.
1) Yes use it.
2) Theres a number of rulesets available for mod_security, take one of the available ones from google and then modify it to fit your needs as and when required
It's the "to your needs" that I'm not sure of.
Can any one make a recommendation of any ruleset in particular as a solid starting point?
Moved > Technical & Security Issues .
The best way to configure mod_security is by monitoring the audit_log. Install mod_security and monitor audit_log for one week and adjust the rules in the configuration file.
Okay... I'll give it a shot.
Thanks for the help.
By hakbak in forum Hosting Security and Technology
Last Post: 06-05-2008, 04:56 PM
By Ramprage in forum Hosting Security and Technology
Last Post: 03-30-2007, 07:15 PM
By coight in forum Hosting Security and Technology
Last Post: 01-26-2006, 05:40 AM
By kingtas in forum Hosting Security and Technology
Last Post: 01-24-2005, 08:56 AM
By Bilco105 in forum Hosting Security and Technology
Last Post: 10-05-2004, 11:34 PM