Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 11-16-2024, 10:13 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Support Area / System Setup & Installation v / Do you think Mod_Security is needed?

Post Reply 
Do you think Mod_Security is needed?
Author Message
robmorin Offline
Junior Member
*

Posts: 208
Joined: Apr 2007
Reputation: 0
Post: #1
Do you think Mod_Security is needed?
Hello all... i was wondering with all the new fcgi, and the way Omega implements the use of php security, do you think mod_security would be any help? I use it now in my vhcs2 setup , but it can be a pain in the ass to setup...

Once i installed it i had virtually no hacks at all.... mind you once you CHOWN to root only files like this, a script i use on every machine..

chmod g-x,o-x /usr/bin/wget
chmod g-x,o-x /usr/bin/curl
chmod g-x,o-x /usr/bin/lwp-*
chmod g-x,o-x /usr/bin/lynx.stable
chmod g-x,o-x /usr/bin/fetch
chmod g-x,o-x /usr/bin/GET
chmod g-x,o-x /usr/bin/netkit-ftp
chmod g-x,o-x /usr/bin/lwp-request

There is not much a hacker can do to get scripts over to the web server for cross site scripting hacks....

Any opinions/comments?

Thanks

ROb..
10-24-2007 12:29 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
Do you think Mod_Security is needed? - robmorin - 10-24-2007 12:29 AM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication