Menu

Topic-icon SecurityCheck Pro vs Mod Security/Other

  • todd.herman@toddherman.com
  • todd.herman@toddherman.com's Avatar Topic Author
  • Offline
  • Fresh Boarder
  • Fresh Boarder
More
4 months 3 days ago #7735 by todd.herman@toddherman.com
SecurityCheck Pro vs Mod Security/Other was created by todd.herman@toddherman.com
Jose - hi! I'm looking to use AcyMailing to replace Constant Contact, starting as soon at the end of next week. In reviewing an article on Apache web server hardening (at: geekflare.com/apache-web-server-hardening-security/ ), there is mention of an open source web application firewall, Mod Security.

Questions:
1 - Is it safe to assume SecurityCheck Pro provides at least as good - and probably better - protection than Mod Security?
2 - The GeekFlare article mentions other hardening techniques. Which of these does SecurityCheck Pro implement? For those it doesn't/can't implement, any in particular you recommend I implement?

Stay safe during all this COVID-19 mess and ... Happy Easter!

Best,
Todd

Please Log in or Create an account to join the conversation.

More
4 months 3 days ago #7736 by Jose
Replied by Jose on topic SecurityCheck Pro vs Mod Security/Other
Hi Todd!

1 - Is it safe to assume SecurityCheck Pro provides at least as good - and probably better - protection than Mod Security?

We are taling about two different environments: mod_security is an apache/nginx module (so it protects you before anyone reach the webserver) and Securitycheck Pro is a WAF (Web Application Firewall), so it protects you when the attacker reach your website. It's highly probable your hosting provider have mod_security installed in the server as is one of the most security products used.

2 - The GeekFlare article mentions other hardening techniques. Which of these does SecurityCheck Pro implement? For those it doesn't/can't implement, any in particular you recommend I implement?

Securitycheck Pro has the option to implement some techniques like configuring Content Security Protection (the article only cites X-Xss protection), clickjacking attacks, directory listing, protect the backend... Other protection measures are taken by Joomla core itself. So let's say your security is better having mod_security, Joomla and Securitycheck Pro :)

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • todd.herman@toddherman.com
  • todd.herman@toddherman.com's Avatar Topic Author
  • Offline
  • Fresh Boarder
  • Fresh Boarder
More
4 months 3 days ago #7737 by todd.herman@toddherman.com
Replied by todd.herman@toddherman.com on topic SecurityCheck Pro vs Mod Security/Other
Jose - thanks for the quick reply, and explaining difference between the 2 products / environments! I'll look into mod_security soon - and I'll obviously keep both Joomla and SecurityCheck Pro updated.
Best,
Todd

Please Log in or Create an account to join the conversation.

More
4 months 2 days ago #7738 by Jose
Replied by Jose on topic SecurityCheck Pro vs Mod Security/Other
You're welcome Todd!

Take care,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.095 seconds
Powered by Kunena Forum

Login or Sign In