Hébergement web, cloud et solutions personnalisées
As a leader in the hosting management industry, cPanel continuously serves Web Hosting Providers and System Administrators with multiple integrated options to protect their servers. Houston, TX – February 3, 2020 – cPanel, L.L.C., an industry-leading hosting server management solution for the past 20 years, announced it is adding ImunifyAV+ to the suite …
cPanel Newsroom
For anyone running a website, 2020 promises to be a tough year when it comes to cybersecurity. According to a range of security experts, not only will you have to deal with the many existing risks; there will also be a raft of emerging threats, many of them highly advanced. Here, we’ll look at some …
Hello!
If any of you use mod_security as a web application firewall, you might have enlisted the services of Atomicorp for regularly updating your mod_security ruleset with signatures to protect against constantly changing threats to web applications in general.
One of the initial challenges, in a managed hosting environment, was to implement a system that utilizes the Atomicorp mod_security rules and update them regularly on an automated schedule.
When you subscribe to their service, they provide access credentials in order to pull the rules. You then need to integrate the rule files into your mod_security implementation and gracefully restart apache or nginx to ensure all the updated rules are loaded.
We developed a very simple python script, intended to run as a cron scheduled task, in order to accomplish this. We thought we would share it here in case anyone else may find it useful at all to accomplish the same thing. This script could easily be modified to download rules from any similar service, alternatively. This script was written for nginx, but can be changed to be integrated with apache.
Find the code below. Enjoy!
#!/usr/bin/python
import urllib2,re,requests,tarfile,os,time
username = 'yourusername'
password = 'yourpassword'
# create a password manager
password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
top_level_url = "http://updates.atomicorp.com/channels/rules/subscription/"
password_mgr.add_password(None, top_level_url, username, password)
handler = urllib2.HTTPBasicAuthHandler(password_mgr)
opener = urllib2.build_opener(handler)
urllib2.install_opener(opener)
#data = urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION')
for line in urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION'):
if 'MODSEC_VERSION' in line:
var = line.split('=',1)
version = var[1].replace('n', '')
# they throttle connection requests
time.sleep(10)
atomicdl = 'http://updates.atomicorp.com/channels/rules/subscription/modsec-' + version + '.tar.gz'
atomicfile = urllib2.urlopen(atomicdl)
output = open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'wb')
output.write(atomicfile.read())
output.close()
tar = tarfile.open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'r:gz')
tar.extractall('/etc/nginx/modsecurity.d/')
tar.close()
os.system("rsync -ravzp /etc/nginx/modsecurity.d/modsec/ /etc/nginx/modsecurity.d")
os.system("rm -rf /etc/nginx/modsecurity.d/modsec /etc/nginx/modsecurity.d/modsecrules.tar.gz")
os.system("sed -i '//d' /etc/nginx/modsecurity.d/*.conf")
The post Auto updating Atomicorp Mod Security Rules appeared first on Managed WordPress Hosting | Managed VPS Hosting | Stack Star.
Managed WordPress Hosting | Managed VPS Hosting | Stack Star
Hello!
If any of you use mod_security as a web application firewall, you might have enlisted the services of Atomicorp for regularly updating your mod_security ruleset with signatures to protect against constantly changing threats to web applications in general.
One of the initial challenges, in a managed hosting environment, was to implement a system that utilizes the Atomicorp mod_security rules and update them regularly on an automated schedule.
When you subscribe to their service, they provide access credentials in order to pull the rules. You then need to integrate the rule files into your mod_security implementation and gracefully restart apache or nginx to ensure all the updated rules are loaded.
We developed a very simple python script, intended to run as a cron scheduled task, in order to accomplish this. We thought we would share it here in case anyone else may find it useful at all to accomplish the same thing. This script could easily be modified to download rules from any similar service, alternatively. This script was written for nginx, but can be changed to be integrated with apache.
Find the code below. Enjoy!
#!/usr/bin/python
import urllib2,re,requests,tarfile,os,time
username = 'yourusername'
password = 'yourpassword'
# create a password manager
password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
top_level_url = "http://updates.atomicorp.com/channels/rules/subscription/"
password_mgr.add_password(None, top_level_url, username, password)
handler = urllib2.HTTPBasicAuthHandler(password_mgr)
opener = urllib2.build_opener(handler)
urllib2.install_opener(opener)
#data = urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION')
for line in urllib2.urlopen('http://updates.atomicorp.com/channels/rules/subscription/VERSION'):
if 'MODSEC_VERSION' in line:
var = line.split('=',1)
version = var[1].replace('n', '')
# they throttle connection requests
time.sleep(10)
atomicdl = 'http://updates.atomicorp.com/channels/rules/subscription/modsec-' + version + '.tar.gz'
atomicfile = urllib2.urlopen(atomicdl)
output = open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'wb')
output.write(atomicfile.read())
output.close()
tar = tarfile.open('/etc/nginx/modsecurity.d/modsecrules.tar.gz', 'r:gz')
tar.extractall('/etc/nginx/modsecurity.d/')
tar.close()
os.system("rsync -ravzp /etc/nginx/modsecurity.d/modsec/ /etc/nginx/modsecurity.d")
os.system("rm -rf /etc/nginx/modsecurity.d/modsec /etc/nginx/modsecurity.d/modsecrules.tar.gz")
os.system("sed -i '//d' /etc/nginx/modsecurity.d/*.conf")
The post Auto updating Atomicorp Mod Security Rules appeared first on Managed WordPress Hosting | Managed VPS Hosting | Stack Star.
Managed WordPress Hosting | Managed VPS Hosting | Stack Star
Website security is vital for your business, protecting your company against the increasing threat of hacking, infection, ransomware and data theft and the calamitous consequences which ultimately follow. To secure your website, you need to know what the different threats are and how to defend against them. In this post, we’ll look at the major …
Welcome to phpMyAdmin 4.9.0.1, a bugfix release that includes important security fixes.
This release fixes two security vulnerabilities:
Version 4.9.0 mistakenly did not include a commit and 4.9.0.1 was quickly released to include that missing fix.
Upgrading is highly recommended for all users. Using the ‘http’ auth_type instead of ‘cookie’ can mitigate the CSRF attack.
The solution for the CSRF attack does remove the former functionality to log in directly through URL parameters (as mentioned in FAQ 4.8, such as https://example.com/phpmyadmin/?pma_username=root&password=foo). Such behavior was discouraged and is now removed. Other query parameters work as expected; only pma_username and pma_password have been removed.
As a result of the removal of this feature, we have decided the change in behavior justifies a version increase from 4.8.x to 4.9. We strive to adhere to Semantic Versioning principles, which prohibit removing features in patch releases. Previously version 4.8.x was intended as the LTS version supporting PHP 5.5; because of this change the LTS branch will now become version 4.9.x.
This release also includes fixes for many bugs, including:
There are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors.
The phpMyAdmin team
edit 2019-06-05 – Added information about why this is 4.9.0 rather than 4.8.x.