
What is ModSecurity and how can it help me?

Nginx is one of the best web servers out there and one of its major selling points is that it’s incredibly secure by default. Unfortunately, this doesn’t mean that you can’t make some minor tweaks to increase its security even more! A great way to do this is with ModSecurity, an open source web application firewall (WAF) system written in C. It can use rulesets to prevent cross-site scripting attacks, SQL injection attacks, shell injection attacks, and much more.


How does Nginx use ModSecurity?

Nginx uses ModSecurity to protect against Cross-Site Scripting (XSS) attacks, Denial of Service (DoS) attacks, SQL injection attacks, command injection attacks, buffer overflow attacks and clickjacking. This protection is done by inspecting HTTP requests and responses with rules specified in a flexible configuration file (which uses syntax similar to Apache’s mod_rewrite). If you are using Nginx as a reverse proxy for another application or service, you may want to forward requests to that application or service for further processing; if you do not want any more processing of request/response data, using Nginx as a reverse proxy together with ModSecurity allows your web server to be safe from some types of OWASP Top 10 vulnerabilities.

A Web Application Firewall (WAF) is software designed to protect one or more applications deployed behind it. An added benefit of using ModSecurity as an HTTP firewall is that, unlike many WAF solutions which offer only basic filtering capabilities (such as detecting attempts at directory traversal), other inspection capabilities can also be implemented without significant impact on system performance, thanks to Nginx’s architecture, which was originally developed for high-traffic websites with exceptional performance requirements.
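As an added illustration of the rule-based inspection described above (not code from this article or from Hidora's addon), here is a minimal Nginx configuration using the ModSecurity-nginx connector with two inline rules. The host name, backend address, log path and rule ids are assumptions.

```nginx
# Added example: constructed values, not Hidora's addon configuration.
# Assumes the ModSecurity-nginx connector was built as a dynamic module.
load_module modules/ngx_http_modsecurity_module.so;

events {}

http {
    server {
        listen 80;
        server_name app.example.test;            # placeholder host name

        modsecurity on;                           # inspect traffic for this server

        # DetectionOnly logs rule matches without blocking; change it to On
        # once false positives have been tuned out.
        # Phase 2 runs after the request body is read, so ARGS covers both
        # query-string and form parameters.
        modsecurity_rules '
            SecRuleEngine DetectionOnly
            SecRequestBodyAccess On
            SecAuditEngine RelevantOnly
            SecAuditLog /var/log/nginx/modsec_audit.log
            SecRule ARGS "@detectSQLi" "id:10001,phase:2,deny,status:403,log,auditlog"
            SecRule ARGS "@detectXSS"  "id:10002,phase:2,deny,status:403,log,auditlog"
        ';

        location / {
            proxy_pass http://127.0.0.1:8080;     # assumed backend application
        }

        location = /healthz {
            modsecurity off;                      # no inspection for the probe path
            return 200;
        }
    }
}
```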

Why should I use ModSecurity?

The short answer is that WAFs (web application firewalls) are becoming increasingly popular for protecting servers from DDoS attacks and other web-based threats. A WAF acts as a firewall for your site, filtering out traffic that may put your site at risk or impact page load times. They can also monitor activity on your site to flag any anomalies that may suggest a potential attack or scam. At its core, a WAF works by checking URLs against a rule set that you set up to identify malicious traffic. It’s similar to antivirus software in many ways, but tailored specifically for websites. If something passes through a WAF’s filter then it should be safe for release onto your site. If something fails, however, it will be blocked before reaching your website. Because of these properties, sites using a WAF report fewer occurrences of malicious requests (because they don’t even reach their server) and faster responses due to fewer bottlenecks in site performance caused by malicious requests. This means more protection without slowing down access to your content or resulting in slower load times.

Why should I use both Nginx and ModSecurity together?

The reason you should combine Nginx with ModSecurity is that Nginx does not possess any real security capabilities of its own. It would still be vulnerable to SQL injections, cross-site scripting (XSS), and many other types of attacks. In order to protect your application, you’ll need a WAF (Web Application Firewall). Using Nginx in front of a WAF will add an extra layer of protection between your web app and malicious users. What makes ModSecurity different from most other WAFs on the market is that it’s an open source project, which means anyone can contribute patches, report bugs, and submit feature requests, all without paying license fees. As more contributors are added to ModSecurity’s core team, new features will always be rolled out quickly, making sure that website owners get access to all kinds of protection against emerging threats as soon as possible. Since ModSecurity was released back in 2002, it has evolved into one of the most popular standalone PHP applications available today! All developers who use or implement ModSecurity in their projects get free access to high quality software that only gets better with time. Today, millions of people and businesses rely on ModSecurity for their everyday needs. By combining Nginx and ModSecurity into a unique Nginx + ModSec stack, websites will experience increased performance while also enjoying increased protection levels they wouldn’t otherwise have access to if they used these technologies separately.

How to set up ModSecurity on Hidora

It is really basic! We provide ModSecurity as an addon for your Nginx nodes. All you have to do is install this addon and ModSecurity will be enabled and configured for your application! You don’t need to know a lot about security; we are here to help you! With Hidora, all our customers have access to our expert team of security engineers who analyze, fix, and monitor all threats that might impact your applications in real time.


It’s done! ModSecurity is now installed and configured for your Nginx node! 🙂

Written by

Mattia ELEUTERI
29/04/2022

I’m an IT guy who tries to master most of the DevOps tools we offer. If you have any questions or problems, chances are you’ll run into me when you ask for support 🙂
