Current time: 07-28-2017, 07:54 AM Hello There, Guest! (LoginRegister)

Post Reply 
ModSecurity rules
06-11-2017, 05:08 AM (This post was last modified: 06-11-2017 05:09 AM by jwillberg.)
Post: #1
ModSecurity rules
There are lot of ModSecurity rules vendors

https://waf.comodo.com/
http://modsecurity.org/
https://malware.expert/
https://atomicorp.com/


Anything else and what is you suggestion which one to use in production envirioment ?
Find all posts by this user
Quote this message in a reply
06-12-2017, 11:03 AM
Post: #2
RE: ModSecurity rules
Where is your production environment hosted? On DreamHost managed services, there there is already a WAF running and you may not need to add more filtering. If you're running your applications on DreamCompute then things are different since the operating system on DreamCompute is not managed.
Find all posts by this user
Quote this message in a reply
06-12-2017, 12:17 PM
Post: #3
RE: ModSecurity rules
(06-12-2017 11:03 AM)smaffulli Wrote:  Where is your production environment hosted? On DreamHost managed services, there there is already a WAF running and you may not need to add more filtering. If you're running your applications on DreamCompute then things are different since the operating system on DreamCompute is not managed.

Virtual private servers (VPS), Running Apache + ModSecurity.
Find all posts by this user
Quote this message in a reply
06-13-2017, 12:51 PM
Post: #4
RE: ModSecurity rules
If Apache on your VPS is managed by DreamHost then you don't need to add your own WAF modSecurity rules: DreamHost deploys and maintains a set of rules based on the core rule set, plus some customizations.

If your Apache instance is unmanaged then you're welcome to shop around, of course.
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: