MOD_SECURITY ROLLING OUT

 

Good afternoon, over the past few weeks we have been working on building a mod_security rule set together that we believe will help many of you with the ongoing problem of vulnerable/out of date web applications, like WordPress, Joomla or vBulletin. As I’m sure many of you know, there were many issues recently related to a WordPress and ShellShock vulnerability, in particular. This rule set will stop that attack, and many others!

While the rules we’re working on will help to cushion the impact of this kind of vulnerability being released, I want to stress that we still need each and every one of you to be a responsible citizen. Most of the more popular software developers maintain an announcement mailing list, subscribing to these lists for the software you use will give you the heads up on new releases and security issues. It’s very important to keep the software you use on your accounts up to date and patched!We’ve played with deploying mod_security a few times in the past, and it’s always been tricky to find a good balance of protection vs the increased load that mod_security causes. We think we’ve found a great balance, and we’re gradually deploying this to the fleet. Right now we’ve deployed it to just under a quarter of our shared/reseller machines, and already we’re seeing significant benefits.We hope to finish up deploying this to the rest of the SnapBlox fleet over the next week or two.We’re still working on finding the perfect balance between security, load caused and the triggering of false positives. So far we’ve seen only a handful of false positives out of thousands of sites that we’ve enabled this on, but if any of you guys are experiencing unexpected 403 or 406 error messages, or just want some more information, please contact support and we’ll be happy to help.