We would recommend the following settings which will limit the log file sizes and allow the rule sets to operate properly. Login and navigate to ModSecurity™ Configuration. These final steps are best done through WHM itself. Wget -O /etc/apache2/conf.d/modsec/ Configuration Note that this will overwrite any custom ModSecurity rules you already have so you might just want to append the contents of the file instead of overwriting it. We’ve put the ModSecurity rule which facilitates the above script and a couple of others that Malware Expert recommend in the following file which can be downloaded in just one step. The following commands will use wget to download the Perl script, and change the permissions on it to allow it to be executed. Hopefully this will block a lot of malware from ever reaching the server. This script from Malware Expert runs every file uploaded via websites on the server through ClamAV. This is an optional step but one we would recommend. usr/local/cpanel/scripts/modsec_vendor add These rule sets provide far more functionality and are the best prevention against malware. Yum install ea-apache24-mod_security2 -y Rule SetsĬPanel provides the OWASP ModSecurity Core Rule Set V3.0 as standard but we personally prefer to use the COMODO ModSecurity Apache Rule Set and Imunif圓60 Rule Set. If not already installed, install ModSecurity with the following yum command: ModSecurity is a great tool for locking your server down and preventing this. The most common point of entry for malware is through vulnerabilities in web applications hosted on the server. Custom rules can also be created, providing flexibility and customization It uses rulesets to protect against the common issues, and it’s Core Rule Set provides rules to protect against common problems such as Trojans and SQL Injection. ModSecurity is an open-source Web Application Firewall (WAF) which is compatible with Apache, Nginx and IIS. In this guide we will be using a cPanel environment with CentOS. This guide will explain how you can use ModSecurity to help protect your server against malware and malicious attacks. Patching your systems to the latest version is not always enough, and it’s more important than ever to ensure that you have a robust malware protection system in place. As more and more content management systems become popular, the exploits to these systems become more widely known. In the world of web hosting, dealing with malware and compromised accounts is a daily occurrence. Protecting Your Server Against Malware With ModSecurityĪidan Chard DecemComments Off on Protecting Your Server Against Malware With ModSecurity
0 kommentar(er)
