Re: modsecurity - shared hosting
Posted: Sun Aug 07, 2011 6:53 am
I give them a redacted output of all the rules that triggered in the past 30 days on their site and point out to them that without mod_sec/ASL their 100 year old install of Typo/Joomla/WordPress/badly-written own php/whatever would have been hacked to hell, and possibly the server too.
I do also point out that not all the hack attempts would have worked, but the point is that they think they can upload anything they like and it will be fine and don't realise the bad guys try over and over and over again until they get in.
Faris.
I do also point out that not all the hack attempts would have worked, but the point is that they think they can upload anything they like and it will be fine and don't realise the bad guys try over and over and over again until they get in.
Faris.