It's time to do mod_security
One of our servers got hacked 3 times in 5 days, due to unpatched phpBB and another popular OSS. Although we're successful in stopping the old hack by modifying those outdated scripts, but new hack keeps coming in to some other customers' sites. I'm fed up with this and decide to go ahead with installing mod_security to at least prevent URL injection and several other things. For cPanel servers, just read this thread with nice (but sometimes too much) examples of modsec.user.conf.
I then added these few lines to cPanel's default config:
I then added these few lines to cPanel's default config:
# added by KM
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home