{"id":2165,"date":"2021-06-25T10:38:01","date_gmt":"2021-06-25T07:38:01","guid":{"rendered":"https:\/\/www.scalahosting.com\/kb\/?p=2165"},"modified":"2021-06-29T09:35:48","modified_gmt":"2021-06-29T06:35:48","slug":"what-is-mod_security-and-should-i-use-it","status":"publish","type":"post","link":"https:\/\/www.scalahosting.com\/kb\/what-is-mod_security-and-should-i-use-it\/","title":{"rendered":"What is mod_security and Should I Use It?"},"content":{"rendered":"

Organizations need every help they can get to <\/span>protect their systems and online assets<\/b>.\u00a0 The rate of malicious attacks and requests against web apps has made securing online assets increasingly necessary.\u00a0<\/span><\/p>\n

The latest Annual Bad Bot Report shows that automated attack bots generated a quarter of all web traffic in 2019, rising 18.1 percent from the previous year. Humans account for only about 62 percent of all internet traffic.<\/span><\/p>\n

The report shows that financial services (47.7 percent), education (45.7 percent), IT and services (45.1 percent), marketplace (39.8 percent), and government (37.5 percent) received the most hits.<\/span><\/p>\n

Most of the bad bots impersonated Chrome browsers to by-pass scrutiny<\/span>. How do you protect your systems from these attacks? <\/span><\/i>L<\/span>et\u2019s take a look at mod_security and what it does.<\/b><\/p>\n

What\u2019s Mod_Security?<\/b><\/h2>\n

Mod_security is an open-source web application firewall (WAF)<\/b> that safeguards websites and web applications against many threats and automated bots attacks.<\/span><\/p>\n

It establishes external security layers that <\/span>offer protection to web-based software programs<\/b>, detecting and preventing attacks, like cross-site scripting and code injection attacks before they reach them.\u00a0<\/span><\/p>\n

The module is invaluable for protecting websites running on content management systems (CMS), for example, <\/span>WordPress or <\/b>eCommerce applications like Magento<\/b><\/a>.<\/span><\/p>\n

Though most servers have <\/span>in-built firewalls, mod_security<\/b> plays a complementary role to offer complete security to web applications.<\/span><\/p>\n

How Does Mod_Security Work?<\/b><\/h2>\n

Network firewalls safeguard servers from malicious traffic<\/b> at the network level but cannot filter malicious requests against web applications because they often mimic legitimate web traffic.<\/span><\/p>\n

Mod_security works best at <\/span>handling malicious requests<\/b> at application layers. It\u2019s a rule-based web application firewall that works in the background.<\/span><\/p>\n

The firewall monitors incoming web requests in<\/span> real-time to identify malicious traffic<\/b> by comparing the requests to a list of rules.\u00a0<\/span><\/p>\n

It searches for patterns that match attacks such as <\/span>SQL injections<\/b><\/a>, cross-site scripting, session hijacking, and more, blocking the connections before they reach the application.<\/span><\/p>\n

The<\/span> Open Web Application Security Project (OWASP) <\/b>curates the most popular free ruleset in common use today. The <\/span>Core Rule Set<\/b> includes rules that protect web applications against a wide range of threats.<\/span><\/p>\n

The ruleset can also protect against the OWASP Top Ten\u2014a frequently <\/span>updated list of the most common threats.<\/b><\/p>\n

Why You Should Use It<\/b><\/h2>\n

Mod_security helps protect your system against common web-based threats.<\/b> It works in real-time to filter malicious activities. The module complements your network firewall to keep your application safer.<\/span><\/p>\n

The module support rule engine that helps protects against:<\/b><\/p>\n