Thread: Apache security & phpBB Forum Hosting
View Single Post
  #11 (permalink)  
Old 05-06-2007, 21:05
DPS Computing's Avatar
DPS Computing DPS Computing is offline
Premium Member
  
Join Date: Apr 2007
Location: Manchester, United Kingdom
Posts: 5,611
Send a message via ICQ to DPS Computing Send a message via AIM to DPS Computing Send a message via MSN to DPS Computing Send a message via Yahoo to DPS Computing Send a message via Skype™ to DPS Computing
Default
Quote:
Originally Posted by eukhost.com View Post
nope. reason we have mod_security on our servers is to keep website hostings secure. If everyone starts disabling mod_security then one day we will again go through multiple website hostings injection attack. last time I managed to get their domain removed from Registry so they are quite now but we cannot underestimate them. They will come back someday to test our security settings.
I suppose your right about that.

Are all accounts that disable mod_security moved to the unsecure server to keep the other servers secure then? - or does it just affect their own account or could gaining access to one unsecure account be used to attack another secure account on the same server? .
__________________
David Smith
DPS Computing
http://www.dpscomputing.com (Computing, Reviews, News) - New site / new polls / new stories! With many more to follow!
http://djdavid.dpscomputing.com (My DJ Website) - Updated for Christmas 08!
NEW LAUNCH! http://davidsmith.dpscomputing.com (My Personal Website) - Temporarily Unavailable .
Reply With Quote