Is anyone using the OWASP ModSecurity Core Rule Set with their Xenforo installs?

Just to follow up on this, I disabled ModSecurity and I have a script combing logs and banning IPs at the network layer using IPTables rules now. Seems to be functioning well-enough.
 
They add a small amount of time to my site's time to first byte, but the big advantage is the anti evil built in.

Tradeoffs are a thing. Your call.
 
Slowing down isn't that bad.. but getting your cached page(s) is NOT okay. And that was the issue I kept facing. It ended up not being worth it.
 
Moscato said:
They add a small amount of time to my site's time to first byte, but the big advantage is the anti evil built in.

Tradeoffs are a thing. Your call.
Click to expand...
Yea, I'm looking to remove ModSecurity from the mix altogether. CloudFlare just curates OWASP rule sets AFAIK.
 
Cloudflare does 4 major things

One, it validates the integrity of a browser, to see if it *should* be allowed to connect to your server

That means BS poorly crafted scripts will fail

Two, they keep a log of evil IP addresses to just block before they even get to you

Three, they offer owasp protections

Four, they add additional WAF protection for various types of things not in owasp
This breaks down to 3 categories
General protections not in owasp that could break some websites, though it it does, it'd be logged to know exactly what went wrong
Language specific protections (php protections, flash protections, etc)
App specific protections (wordpress, joomla, etc)
 
You must log in or register to reply here.

Similar threads

XxUnkn0wnxX
OWASP ModSecurity CRS (WHM Cpanel Config) - Question
Replies
4
Views
2K
XxUnkn0wnxX
XxUnkn0wnxX
Back
Top Bottom