As a company, we utilize mod_security rules which are global to all sites. We do this to help protect sites which may not be actively maintained, which will still cause issues for other users when exploited. However, if you require further protection by mod_security, it is very possible to include rules specific for your domain, without impacting the other users on the server. To do this, you simply need to add to the .htaccess file in the public_html directory with the following:
<IfModule mod_security.c>
</IfModule>
Then, if you find any rules you wish to utilize, or if you feel confident on making your own rules, you simply place the rules in between the two IfModule blocks. Voila! Custom application firewall rules!
- 0 Корисниците го најдоа ова како корисно