Mod_security Rulesets

Portal Home > Knowledgebase > Articles Database > Mod_security Rulesets

Posted by HostFriendly, 09-24-2012, 01:21 AM
Hello, Can you please tell which mod_security rulesets are the best among free ones ?Atomicorp or Default rules or any other? I currently use atomicorp, but it is too sensitive, too many false positives, blocks normal users also. Regards.
Posted by BestServerSupport, 09-24-2012, 01:28 AM
Default rules are definitely not enough. I would recommend the AtomiCorp: The atomicorp.com ruleset is the only one I would recommend for cpanel servers. If you follow the directions, please make sure not to activate every ruleset. All of that information is contained in the atomicorp.com wiki. Read all of the documentation thoroughly before you do anything.
Posted by HostFriendly, 09-24-2012, 01:31 AM
It is possible to enable/disable mod_security for specific accounts, but is it possible to disable some rulesets for specific accounts only ? By the way, do you think it worths buying the paid version of mod_security rulesets atomicorp recommends ? Regards.
Posted by BestServerSupport, 09-24-2012, 02:12 AM
It seems to be possible to disable rule for a certain domain name: http://www.atomicorp.com/wiki/index...._single_domain
Posted by JustinAY, 09-24-2012, 03:17 AM
It is possible to disable mod_security for specific accounts and also location based matches, regardless of what rulesets that you use. The link above details how to do so.
Posted by HostFriendly, 09-24-2012, 03:30 AM
Ok. Thanks very much. Regards.
Posted by Ilan, 09-28-2012, 04:48 AM
Hi, I have it this way. Mod_security Rules =================
Posted by ssfred, 09-28-2012, 05:27 AM
Hello You can download the rules from the following URL http://updates.atomicorp.com/channels/rules/delayed/. The installation instructions are provided on http://www.atomicorp.com/wiki/index....l_Installation. Therse is a seperate section for cpanel servers. The set up appears to be quite efficient and powerful
Posted by WebHostDog, 09-28-2012, 03:12 PM
Atomicorp but they are giving a lot of false positives too.
Posted by HostFriendly, 09-28-2012, 03:33 PM
Higher sensitivity means higher false positive rates
Posted by rcs, 09-28-2012, 04:54 PM
for cpanel, do the following: and you'll be fine.
Posted by FLDataTeK, 09-28-2012, 08:22 PM
If your using cPanel I'd suggest Configserver Modsec control. You can easily enable and disable specific rules per account or disable completely if you want. http://www.configserver.com/cp/cmc.html
Posted by snapstart-chris, 09-29-2012, 12:30 AM
Seriously, for $200/year, get the rule set from spider labs. http://www.modsecurity.org/projects/commercial/rules/ It's by far the best rule set I've seen, and it's cheap.
Posted by HostFriendly, 09-29-2012, 01:48 AM
Atomicorp also have such commercial rules. Have you tried that? Which one do you think would be preferable ? Regards.
Posted by snapstart-chris, 09-29-2012, 02:29 AM
Personally, no, I've never run the atomic rule set. I have friends that have, with mixed results. However, I know that the spiderlabs rules work, and there are numerous reasons that I'll stick with them, both professional and personal, which I won't get into here.
Posted by CoolMike, 09-29-2012, 07:00 AM
Are you sure that this rules are cheap? If you have a server with 200 Accounts you have to pay 40000$ per year. Or did I missunderstand the text on their website?
Posted by PlotHost-Max, 09-29-2012, 08:45 AM
The text is not clear :
Posted by HostFriendly, 09-29-2012, 10:09 AM
It sounds quite expensive for webhosting companies who want to protect whole domains. However for enterprise sites, it may work. 18$/month should sound as less as free for a company who earns $$$$$$$$$ monthly
Posted by snapstart-chris, 09-29-2012, 12:24 PM
Yeah, if you're doing shared hosting, then it's probably not the most affordable. Unless you're trying to separate yourself from the rest of the market.

Add to Favourites Print this Article

Knowledgebase

Mod_security Rulesets

Our Services

Client Menu

Legal