Auto updating Atomicorp Mod Security Rules

Posted by: Admin  :  Category: Web Hosting

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

Hello!

If any of you use mod_security as a web application firewall, you might have enlisted the services of Atomicorp for regularly updating your mod_security ruleset with signatures to protect against constantly changing threats to web applications in general.

One of the initial challenges, in a managed hosting environment, was to implement a system that utilizes the Atomicorp mod_security rules and update them regularly on an automated schedule.

When you subscribe to their service, they provide access credentials in order to pull the rules. You then need to integrate the rule files into your mod_security implementation and gracefully restart apache or nginx to ensure all the updated rules are loaded.

We developed a very simple python script, intended to run as a cron scheduled task, in order to accomplish this. We thought we would share it here in case anyone else may find it useful at all to accomplish the same thing. This script could easily be modified to download rules from any similar service, alternatively. This script was written for nginx, but can be changed to be integrated with apache.

Find the code below. Enjoy!

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

#!/usr/bin/python
import urllib2,re,requests,tarfile,os,time

username = 'yourusername'
password = 'yourpassword'
# create a password manager
password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
top_level_url = "http://updates.atomicorp.com/channels/rules/subscription/"
password_mgr.add_password(None, top_level_url, username, password)
handler = urllib2.HTTPBasicAuthHandler(password_mgr)
opener = urllib2.build_opener(handler)
urllib2.install_opener(opener)
#data = urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION')

for line in urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION'):
    if 'MODSEC_VERSION' in line:
        var = line.split('=',1)
        version = var[1].replace('n', '')

# they throttle connection requests
time.sleep(10)

atomicdl = 'http://updates.atomicorp.com/channels/rules/subscription/modsec-' + version + '.tar.gz'
atomicfile = urllib2.urlopen(atomicdl)
output = open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'wb')
output.write(atomicfile.read())
output.close()

tar = tarfile.open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'r:gz')
tar.extractall('/etc/nginx/modsecurity.d/')
tar.close()

os.system("rsync -ravzp /etc/nginx/modsecurity.d/modsec/ /etc/nginx/modsecurity.d")
os.system("rm -rf /etc/nginx/modsecurity.d/modsec /etc/nginx/modsecurity.d/modsecrules.tar.gz")
os.system("sed -i '//d' /etc/nginx/modsecurity.d/*.conf")

The post Auto updating Atomicorp Mod Security Rules appeared first on Managed WordPress Hosting | Managed VPS Hosting | Stack Star.

Managed WordPress Hosting | Managed VPS Hosting | Stack Star

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

Auto updating Atomicorp Mod Security Rules

Posted by: Admin  :  Category: Web Hosting

Hello!

If any of you use mod_security as a web application firewall, you might have enlisted the services of Atomicorp for regularly updating your mod_security ruleset with signatures to protect against constantly changing threats to web applications in general.

One of the initial challenges, in a managed hosting environment, was to implement a system that utilizes the Atomicorp mod_security rules and update them regularly on an automated schedule.

When you subscribe to their service, they provide access credentials in order to pull the rules. You then need to integrate the rule files into your mod_security implementation and gracefully restart apache or nginx to ensure all the updated rules are loaded.

We developed a very simple python script, intended to run as a cron scheduled task, in order to accomplish this. We thought we would share it here in case anyone else may find it useful at all to accomplish the same thing. This script could easily be modified to download rules from any similar service, alternatively. This script was written for nginx, but can be changed to be integrated with apache.

Find the code below. Enjoy!

#!/usr/bin/python
import urllib2,re,requests,tarfile,os,time

username = 'yourusername'
password = 'yourpassword'
# create a password manager
password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
top_level_url = "http://updates.atomicorp.com/channels/rules/subscription/"
password_mgr.add_password(None, top_level_url, username, password)
handler = urllib2.HTTPBasicAuthHandler(password_mgr)
opener = urllib2.build_opener(handler)
urllib2.install_opener(opener)
#data = urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION')

for line in urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION'):
    if 'MODSEC_VERSION' in line:
        var = line.split('=',1)
        version = var[1].replace('n', '')

# they throttle connection requests
time.sleep(10)

atomicdl = 'http://updates.atomicorp.com/channels/rules/subscription/modsec-' + version + '.tar.gz'
atomicfile = urllib2.urlopen(atomicdl)
output = open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'wb')
output.write(atomicfile.read())
output.close()

tar = tarfile.open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'r:gz')
tar.extractall('/etc/nginx/modsecurity.d/')
tar.close()

os.system("rsync -ravzp /etc/nginx/modsecurity.d/modsec/ /etc/nginx/modsecurity.d")
os.system("rm -rf /etc/nginx/modsecurity.d/modsec /etc/nginx/modsecurity.d/modsecrules.tar.gz")
os.system("sed -i '/<LocationMatch*/,/</LocationMatch>/d' /etc/nginx/modsecurity.d/*.conf")

The post Auto updating Atomicorp Mod Security Rules appeared first on Managed WordPress Hosting | Managed VPS Hosting | Stack Star.

Managed WordPress Hosting | Managed VPS Hosting | Stack Star

Free Auto Classifieds Ads – What are the Benefits

Posted by: Admin  :  Category: Web Hosting

Before the Internet, selling a car was a major hassle for the average person. They had to take pictures of the car and post them in their local paper for a fee. Then, they would wait patiently for several days or several weeks for the telephone to ring. They might spend several hundred dollars on advertising fees. Today, it is possible to list a car for free or a small fee on Auto Classified ads sites on the Internet.
Find Articles, Free Articles Directory | Web Hosting Articles

Multi Profit Websites: D9 Hosting Auto Setup Package

Posted by: Admin  :  Category: Web Hosting Reviews

Have multi profit websites automatically installed when you use the exclusive D9 hosting auto setup package.
Video Rating: 5 / 5

Part 2: Flash AS3 Real Time Auto Updating Chat Application Tutorial for Websites

Posted by: Admin  :  Category: Mysql

Free Source Files – www.developphp.com Part 2 of learning how to build a flash auto updating real time chat application with a liitle help from PHP and MySQL. We will be using Actionscript 3.0 in this lesson series. Visit our entire tutorial archive and network: www.developphp.com
Video Rating: 4 / 5

Grand Theft Auto Liberty City Stories PSP Review

Posted by: Admin  :  Category: Web Hosting Reviews

Day 1 of the PSP week 🙂 Next PSP video ( God Of War Chain Of the Olyimpus) Then (Worms Open Warfare 1 or 2) (if by any reason i havent been on in a day in this week that is because i am having little internet issues but they are getting solved 🙂 ( i hope)Tags] Extra Tags IGNORE… Call of Duty WaW new way that we found the ONLY WAY this map without mods SUBSCRIBE out of shi no numa ray gun wanderwaffle dg2 how to get on top corrison pack call duty small bounce is person by jackbean8822 people on top subscribe World at War Cod New Nazi Zombie Glitch Shi No Numa Modern Warfare Swamp Verruckt Der Riese hacks xbox 360 ps3 tutorial transformers revenge fallen killers2kill cheats Supposed cp 1 Wwe Adam free money Recon Armor Master Chief PS3 Microsoft ELITE Master Chief machinima As Xbox 360® readies What is machinima for the next wave of audience gamertag change expansion, Microsoft today announced usa a new Xbox free habbo credits experience that will canada reinvent home entertainment from the inside out, changing the way we play games, watch movies and TV shows, and even become contestants in game shows. It all begins this fall with a bold new look and feel that is fun, social, and simple to use. Subscribe Unsubscribe Sign in to YouTube now! FLYING GHOST Sign in with your Google Account! This is an E3 preview of the new Xbox 360 dashboard … MONEY FREE AWESOMEThis is an E3 preview of the new Xbox 360 dashboard soon to be released. xbox 360 new dashboard gears marcus dom
Video Rating: 4 / 5