Hello,
I am planning on purchasing the cxs scanner, because previously I was using apache / atomicorp modsec rules but as I shifted to litespeed the modsecurity rules are no longer working. Which is a shame as since using those none of the sites hosted on the server got hacked / defaced.
So now I need a solution and cxs seems somewhat of an answer but it also seems to be dependent on modsec which causes more confusion. Please help in making me a more informed decision.
Cheers!
CXS and ModSecurity and Litespeed
Re: CXS and ModSecurity and Litespeed
You might have better luck contacting ConfigServer at their sales@ address.
http://www.configserver.com/contact.html
http://www.configserver.com/contact.html
Re: CXS and ModSecurity and Litespeed
CXS web script scanning via mod-security is not compatible with litespeed due to litespeed's incomplete implementation of mod_security. If you have enabled suhosin, you could alternatively use the suhosin hook instead which will at least scan uploads via php script.hpk wrote:Hello,
I am planning on purchasing the cxs scanner, because previously I was using apache / atomicorp modsec rules but as I shifted to litespeed the modsecurity rules are no longer working. Which is a shame as since using those none of the sites hosted on the server got hacked / defaced.
So now I need a solution and cxs seems somewhat of an answer but it also seems to be dependent on modsec which causes more confusion. Please help in making me a more informed decision.
However, unless your server is a Virtuozzo or OpenVZ VPS, is severely overloaded or does not have sufficient resources, you should be able to use cxswatch, which does not depend on mod_security and is a more comprehensive scanning method.
Regards,
Sarah