The centrality of security
In a recent post about a small security issue in Wordpress, Matt said
“One note, even if the vulnerability was present in your blog, you would still be safe if your host ran mod_security on their servers.”
Matt had grabbed me the other day about the potential vulnerability in Wordpress and how it couldn’t be reproduced here. It wasn’t that the vulnerability didn’t exist; it was that we actively block a wide range of request patterns at the web server, before they ever reach the application.
In fact, we have not been affected by a single application (e.g. Textpattern, Wordpress, MovableType, phpBB) or “language” (e.g. PHP) vulnerability, as a result of a large, proactive and custom set of mod_security rules used in addition to a few other things.
I’ve been developing a set of mod_security and other rules for nearly three years now. While I’ve never publicly discussed even the mod_security aspect of it (well, not on the weblog or in “marketing” materials), it’s something I’ve been fortunate enough to introduce to a few people.
Besides blocking exploit attempts, the ruleset is used in conjunction with a network appliance to identify and then block millions of comment and trackback spam attempts every month. In fact, we’ve shared our ruleset, and the rules have been pushed up into the datacenter proper, where they are being used to block up to 100 million requests a day (equivalent to about 4 Mbps constant). TextDrive that!
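As an added illustration (this is not TextDrive’s ruleset or any code from the post), here is a toy request filter in Python that mirrors the shape of a mod_security rule: each rule names the part of the request it inspects, a pattern and a reason, and the filter runs in front of whatever application happens to handle the path, which is why one generic ruleset covers many applications at once. The rules, the `Rule`/`Request` classes and the sample requests are all constructed for this example.

```python
import re
from dataclasses import dataclass
from urllib.parse import parse_qs

# Constructed stand-in for a mod_security-style rule: the request part it
# inspects, a regex, and the reason logged when the request is denied.
@dataclass
class Rule:
    target: str    # "path" or "args" (decoded query and body values)
    pattern: str
    reason: str

# Generic rules: none of them knows which application handles the path.
RULES = [
    Rule("path", r"/\.\./", "directory traversal in path"),
    Rule("args", r"\.\./", "directory traversal in argument"),
    Rule("args", r"(?i)<\s*script\b", "script tag in argument"),
    Rule("args", r"(?is)(?:https?://.*?){4}", "link flood (comment spam)"),
]

@dataclass
class Request:
    path: str
    query: str = ""
    body: str = ""

def inspect(req, rules=RULES):
    """Evaluate rules in order; return (allowed, reason) for the request."""
    args = [v for raw in (req.query, req.body)
            for vals in parse_qs(raw, keep_blank_values=True).values()
            for v in vals]
    for rule in rules:
        haystacks = [req.path] if rule.target == "path" else args
        if any(re.search(rule.pattern, h) for h in haystacks):
            return False, rule.reason
    return True, "ok"

# Constructed sample requests (not captured traffic).
SAMPLES = {
    "comment": Request("/wp-comments-post.php",
                       body="author=ann&comment=Nice+post%2C+see+http%3A%2F%2Fexample.com"),
    "traversal": Request("/index.php", query="page=../../etc/passwd"),
    "spam": Request("/wp-comments-post.php",
                    body="comment=" + "http%3A%2F%2Fspam.example%2F+" * 5),
}

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        print(name, inspect(req))
```

The legitimate comment passes, while the traversal attempt and the link-stuffed comment are denied before the PHP application is ever invoked.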
Posted 29 May 2005, 22:02 by Jason Hoffman to Security