mod_security is a well known web application firewall for Apache that is easy to setup and provides a fair amount of protection from web malware and can even provide some protection from comment spam. The benefits of mod_security have been discussed over and over again and with the recent unforeseen problems with WordPress (In case you have not heard about it, if you have not upgraded your WordPress 2.1.1 installation, you need to do it NOW), mod_security would have provided a level of security if it was installed. Since I had to install mod_security on one of my servers, the steps are fresh in my mind and worth a post. All of the steps below are assuming that you have some sort of a LAMP installation over which you have complete control. If you are on a shared host on LAMP, you will have to ask your provider to install […]
[Continue Reading...]