- Posts: 6
- Thank you received: 0
We are taling about two different environments: mod_security is an apache/nginx module (so it protects you before anyone reach the webserver) and Securitycheck Pro is a WAF (Web Application Firewall), so it protects you when the attacker reach your website. It's highly probable your hosting provider have mod_security installed in the server as is one of the most security products used.
1 - Is it safe to assume SecurityCheck Pro provides at least as good - and probably better - protection than Mod Security?
Securitycheck Pro has the option to implement some techniques like configuring Content Security Protection (the article only cites X-Xss protection), clickjacking attacks, directory listing, protect the backend... Other protection measures are taken by Joomla core itself. So let's say your security is better having mod_security, Joomla and Securitycheck Pro
2 - The GeekFlare article mentions other hardening techniques. Which of these does SecurityCheck Pro implement? For those it doesn't/can't implement, any in particular you recommend I implement?