Unless you're an IT boffin your first reaction on reading the subject of  this article was "What The Fudge is ModSecurity!?".

So just to bring you up to speed, ModSecurity is an Open Source Web  Application Firewall and, in short, it acts as a buffer between your  website and the website visitor and the outside world. Before  your website is served to a visitor the request goes through the  ModSecurity firewall and the firewall decides if it's safe to process  the request, or if it needs to be blocked as malicious.

The ModSecurity Firewall is made up of a large number of rules that are  designed to stop common exploits in their tracks before they can do any damage.

We have recently been testing our updated rule set on a couple of  servers and they appeared to work well so today, (Friday the 16th  October), we have deployed the updated rule set to all Shared and Reseller servers.

The reason for notifying you of this is because there is a slight possibility that with so many different scripts running on our shared servers, there may be a few false positives so if we could ask you to  keep an eye on your websites and let us know if you come across any abnormal behaviour. We will, of course, be doing the same from this end, but two sets of eyes are always better than one!

We should stress that this ModSecurity update doesn't mean you should take your eye off the ball when it comes to following your own good security practices, so you should remember to always keep your scripts up to date (particularly free scripts such as Wordpress) with the latest secure versions, delete any scripts (including plugins, widgets and themes) you no longer use and ALWAYS use strong passwords for your user accounts.

Friday, October 16, 2015

<< Geri