| Posted by CoolMike, 11-10-2010, 04:59 AM | | Hi
We are a shared hosting company and have a lot of joomla customers. Unfortuantely joomla is quite often the targed of hackers.
Therefore we are looking for a solution which is updating automatically rules to block hackers as soon a new security hole in scripts are public.
I found so far dotDefender and the paid rules from gotroot.
We are using Cpanel servers and are looking for a easy integration.
Which solution can you recommend? Is there a better solution?
In case of the gotroot rules, which product is for cpanel servers?
Thanks
Michael
|
| Posted by prashant1979, 11-10-2010, 05:09 AM | | I would recommend DotDefender.
|
| Posted by CoolMike, 11-10-2010, 05:24 AM | | Thanks for the information. I worry a bit that dotDefender will generate to many false positives specially for joomla. I got the information, that they are working on whitelists for some scripts like joomla, wordpress... but the whitelist for joomla is not ready yet.
The paid rules from gotroot are they better regarding joomla? I guess they are more developed for the hosting market and I can imagine that they are better for scripts like joomla. But I could be wrong... dotDefender is a quite expensive solution when you buy only licenses for a few servers.
I installed a trial for dotDefender, but I don't understand the integration. When I create a new account in WHM, do I have to add then the domain manually in dotDefender? Because I saw, that it is not recognized in the gui after I added a new domain.
PHP Safemode is not an option, because there are many joomla components which don't work anymore with this configuration.
|
| Posted by suley786, 11-10-2010, 05:42 AM | | What i would suggest is get your clients to secure their site, as a hoster its not your responsability to secure their sites but secure your server is.
I would sugest you ask them to look into rsfirewall or similar if they are targeted alot, works well and blocks unauthorised access
|
| Posted by CoolMike, 11-10-2010, 05:54 AM | | We always suggest our clients to update scripts, but we try to find a solution for customers who don't want to do this but are willing to pay for the extra security we can offer.
|
| Posted by sam0, 11-10-2010, 06:30 AM | | You could try using a centralised Joomla install, which gets updated automatically. (EDIT: possibly through softaculous?)
If you can't enable safe mode then have a good list of disabled functions in php.ini and open_basedir enabled.
Also bear in mind that mod_security and similar solutions will slow down requests, depending on the amount of rules and how much load is on the server.
|
| Posted by CoolMike, 11-10-2010, 05:05 PM | | So, I tested now dotdefender on a server for a few hours. There are a lot of false posives. This means, some normal Opensource Scripts don't work anymore. A customer with SMF was not able anymore to login. No error message from dotdefender, just login was not possible anymore.
Do I have the same problems also with the paid rules from gotroot?
A centralised Joomla installation is not possible, because I'm just the hoster and can not controll the joomla installations of my customer.
|
| Posted by mikegotroot, 11-10-2010, 07:16 PM | | Mike,
I'm the author of the gotroot rules, we wrote the rules to not generate false positives with applications like Joomla, SMF and other popular applications (plus we use those apps on our own boxes) so I can tell you won't get false positives with those apps if you use our real time rules. Unlike some other WAF companies, we don't expect you to figure out to make the WAF work with your application, thats what you pay us for. So our goal is for the rules to just work right out of the box, every time, for every customer. If it blocks something it shouldn't, its our responsible to fix that for you the same day and do whatever it takes to make sure you can use it and get on with your life.
With that said, we've got lots of cpanel customers using our rules right now, along with lots of companies using our ASL product. We've been at this longer than dotdefender has been around so we've already got the whitelists written for popular apps which is why we don't have false positive issues like others.
I'd be happy to set you up with an account to try out the real time rules - plus if you run into a false positive - any false positive - we will fix it the same day. Just let us know, and we'll make it happen for you. No need to wait.
Just shoot me an email at mike AT atomicorp DOT com and I'll get you setup (Or you can send it my gotroot account mike AT gotroot DOT com).
Also, we're working on a cPanel version of ASL which should be available in a few months.
Last edited by mikegotroot; 11-10-2010 at 07:21 PM.
|
| Posted by CoolMike, 11-11-2010, 03:25 AM | | Michael, I just sent you am mail.
Thanks
Mike
|
|
 Add to Favourites
 Print this Article
|
