We are enabling the mod_security feature on our cPanel server tomorrow due to the large volume of attacks we receive and the number of trojans, malware, and viruses detected each week in user's accounts* (today alone our firewall has blocked over 1200 automated attacks and last night our virus scan cleaned up over 40 pieces of malware installed on client websites either through software exploits or compromised login credentials). We will be installing the default OWASP ModSecurity Core Rule Set to help block common attack types and improve the security on our shared hosting environment but if you find these rules to negatively impact your website you can disable mod_security for any or all of your domains inside cPanel. If you do find that the rules in place do impact your website in any way please open a ticket with our Support department and we can investigate further and remove any rules that have a significant impact on our clients or popular software.
You can read more about the OWASP ModSecurity Core Rule Set here: https://documentation.cpanel.net/display/CKB/OWASP+ModSecurity+CRS
*Please note that our environment is configured so that malware, trojans, viruses, and other malicious software cannot spread to other client's directories so your data is safe from these kinds of exploits. All user directories are locked down with specific permissions so no other user can read, write, or execute files in another user's directory ever (thus a virus cannot spread to a directory it cannot write to).
Monday, July 20, 2015
