Menu
  1. Forum
  3. Security
  5. Joomla Security
  7. SecurityCheck Pro vs Mod Security/Other

Topic-icon SecurityCheck Pro vs Mod Security/Other

  • todd.herman@toddherman.com
  • todd.herman@toddherman.com's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 years 2 months ago #7735 by todd.herman@toddherman.com
SecurityCheck Pro vs Mod Security/Other was created by todd.herman@toddherman.com
Jose - hi! I'm looking to use AcyMailing to replace Constant Contact, starting as soon at the end of next week. In reviewing an article on Apache web server hardening (at: geekflare.com/apache-web-server-hardening-security/ ), there is mention of an open source web application firewall, Mod Security.

Questions:
1 - Is it safe to assume SecurityCheck Pro provides at least as good - and probably better - protection than Mod Security?
2 - The GeekFlare article mentions other hardening techniques. Which of these does SecurityCheck Pro implement? For those it doesn't/can't implement, any in particular you recommend I implement?

Stay safe during all this COVID-19 mess and ... Happy Easter!

Best,
Todd

Please Log in or Create an account to join the conversation.

More
2 years 2 months ago #7736 by Jose
Replied by Jose on topic SecurityCheck Pro vs Mod Security/Other
Hi Todd!

1 - Is it safe to assume SecurityCheck Pro provides at least as good - and probably better - protection than Mod Security?

We are taling about two different environments: mod_security is an apache/nginx module (so it protects you before anyone reach the webserver) and Securitycheck Pro is a WAF (Web Application Firewall), so it protects you when the attacker reach your website. It's highly probable your hosting provider have mod_security installed in the server as is one of the most security products used.

2 - The GeekFlare article mentions other hardening techniques. Which of these does SecurityCheck Pro implement? For those it doesn't/can't implement, any in particular you recommend I implement?

Securitycheck Pro has the option to implement some techniques like configuring Content Security Protection (the article only cites X-Xss protection), clickjacking attacks, directory listing, protect the backend... Other protection measures are taken by Joomla core itself. So let's say your security is better having mod_security, Joomla and Securitycheck Pro :)

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • todd.herman@toddherman.com
  • todd.herman@toddherman.com's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
2 years 2 months ago #7737 by todd.herman@toddherman.com
Replied by todd.herman@toddherman.com on topic SecurityCheck Pro vs Mod Security/Other
Jose - thanks for the quick reply, and explaining difference between the 2 products / environments! I'll look into mod_security soon - and I'll obviously keep both Joomla and SecurityCheck Pro updated.
Best,
Todd

Please Log in or Create an account to join the conversation.

More
2 years 2 months ago #7738 by Jose
Replied by Jose on topic SecurityCheck Pro vs Mod Security/Other
You're welcome Todd!

Take care,
Jose

Please Log in or Create an account to join the conversation.

  1. Forum
  3. Security
  5. Joomla Security
  7. SecurityCheck Pro vs Mod Security/Other
Time to create page: 0.073 seconds
Powered by Kunena Forum

Login or Sign In