Site Firewalls: 6G
The 6G WAF was originally developed by Jeff Starr at Perishable Press for Apache-based servers. 6G is an excellent lightweight firewall that parses requests for anything anomalous or malicious looking, looking for: Bad Bots Bad Referrers Bad Query Strings Bad Requests Disallowed Request Methods We have adapted the firewall for Nginx, but more details can be […]
Site Firewalls: ModSec
Introduction Developer plan accounts have access to the ModSecurity WAF for each of their sites on a vCanopy managed server. We use the full OWASP foundation 3+ Core Ruleset (CRS) to protect your sites from a wide array of attack vectors including: SQL Injection (SQLi) Cross-Site Scripting (XSS) Local File Inclusion (LFI) Remote File Inclusion (RFI) PHP Code […]
Using the vCanopy 6G Web Application Firewall
Index Introduction Using the Firewall Provision a server and deploy a vCanopy Site Enable/Disable the vCanopy 6G WAF The 6G WAF Logs Enable/Disable 6G WAF Rulesets Create WAF Whitelists when necessary. Note: The modular 6G firewall with logs is an upgrade to the original 6G firewall. Sites using the previous version will need to disable […]
Using the vCanopy ModSec Web Application Firewall
Index Introduction Using the Firewall Provision a server and deploy a vCanopy Site Enable/Disable the vCanopy 6G WAF Adjusting ModSec Waf Sensitivity Setting the Paranoia Level Setting the Anomaly Threshold ModSec WAF Audit Logging Adding exceptions and whitelists to tune the core ruleset Exceptions versus Whitelist Adding a whitelist rule Introduction Developer plan accounts have […]
Using the vCanopy 7G Web Application Firewall on Nginx
TABLE OF CONTENTS Introduction The 7G Firewall Configuration Location on Nginx Part 1. Enable the Firewall Part 2. The 7G WAF Logs Part 3. Enable/Disable 7G WAF Rulesets Part 4. 7G WAF Whitelist Rules Part 5. Real 7G Whitelist Rule Examples Part 6. 7G Ruleset Customisation Part 7. Creating Custom Rules IMPORTANT Do NOT copy […]
Diagnosing 403 Forbidden Errors
TABLE OF CONTENTS Introduction: What is a 403 Error? Firewall Rules 403 on an Image or File Caching and Nonces File Permissions CDN Issues Corrupt/Misconfigured .htaccess file Broken/Missing Plugins Custom Nginx Config Rules Introduction: What is a 403 Forbidden Error? The 403 Forbidden error occurs when a request is made the server cannot allow. This […]