As Christian mentioned, you are probably better off with mod_qos. Also,
the user-based blocking you linked to looks like it will block valid users
from logging in as well if someone is brute-forcing their accounts.
Finally, you can look into other options such as:
- adding an invisible CAPTCHA to the login page (this is very straightforward but would require minor modifications to the application)
- using a CDN that requires proof of work before forwarding requests to your site
--
Osama Elnaggar
On March 27, 2018 at 3:12:47 PM, Christian Folini (
chr...@ne...) wrote:
Hi there,
On Mon, Mar 26, 2018 at 11:18:20PM -0400, Chip wrote:
> Any idea if the suggestions on this page are up-to-date? No timestamp
> on the technical details just an interesting how-to.
It looks like the author knows ModSecurity given the advanced rule set
he / she proposes. But it's hard to tell if this works without testing
it by heart.
Alternatively, the ModSecurity Handbook has similar rules with the same
goal and I guarantee that those really work.
But ModSecurity is not the best tool to prevent BruteForce and Automation
anyways. At least not when it gets closer to a DoS. Mod_qos and friends are
usually better suited.
Depends on the rules. The example you linked should apparently be put
in Location context. But you can also work in server context, which brings
advantages as it can be run in phase 1. But honestly, this is really
advanced stuff, and the pros and cons are all very complicated and take a lot of
experience.
Ahoj,
Christian
--
Investors should be aware of the overall dangers the legal profession
present to companies, and how its current and generalized naiveté can
sink fortunes overnight.
--- John Dvorak on the digg.com story in May 2007
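A minimal version of the server-context, phase 1 approach Christian describes, written here as an added example (it is neither the Handbook's rule set nor the rules on the page Chip linked). It assumes ModSecurity 2.x on Apache, a login form that POSTs to /login, rule ids 900100-900102 being unused, and a writable SecDataDir for the persistent IP collection.

```apache
# Added example: per-IP login attempt counting in server context, phase 1.
# Assumptions: login form POSTs to /login, ids 900100-900102 are free,
# threshold is 10 attempts per 300 s, SecDataDir exists and is writable.

SecRuleEngine On
SecDataDir /var/cache/modsecurity

# Phase 1: initialise a persistent collection keyed on the client address
SecAction "id:900100,phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR}"

# Phase 1: every POST to /login increments ip.login_attempts; the counter
# expires 300 s after the last increment, so the window slides with use
SecRule REQUEST_METHOD "@streq POST" \
    "id:900101,phase:1,nolog,pass,chain"
    SecRule REQUEST_URI "@beginsWith /login" \
        "setvar:ip.login_attempts=+1,expirevar:ip.login_attempts=300"

# Phase 1: deny once the counter passes the threshold. Running before the
# application sees the request means this counts attempts, not failures,
# so a legitimate user behind the same IP is locked out as well (the
# trade-off Osama notes above); counting failures needs a later phase.
SecRule IP:LOGIN_ATTEMPTS "@gt 10" \
    "id:900102,phase:1,deny,status:429,log,\
    msg:'Possible login brute force from %{REMOTE_ADDR}: %{ip.login_attempts} attempts in 5 min'"
```

Because the rules sit in server context rather than a Location block, the collection is initialised for every request, so keep an eye on SecDataDir growth on busy hosts.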