Site Firewalls: 6G

The 6G WAF was originally developed by Jeff Starr at Perishable Press for Apache-based servers. 6G is an excellent lightweight firewall that parses requests for anything anomalous or malicious looking, looking for: Bad Bots Bad Referrers Bad Query Strings Bad Requests Disallowed Request Methods We have adapted the firewall for Nginx, but more details can be found here. […]

Site Firewalls: ModSec

Introduction Developer plan accounts have access to the ModSecurity WAF for each of their sites on a GridPane managed server. We use the full OWASP foundation 3+ Core Ruleset (CRS) to protect your sites from a wide array of attack vectors including:  SQL Injection (SQLi) Cross-Site Scripting (XSS) Local File Inclusion (LFI) Remote File Inclusion (RFI) PHP Code Injection Java […]

Using the GridPane 6G Web Application Firewall

Index  Introduction Using the Firewall Provision a server and deploy a GridPane Site Enable/Disable the GridPane 6G WAF The 6G WAF Logs Enable/Disable 6G WAF Rulesets Create WAF Whitelists when necessary. Note: The modular 6G firewall with logs is an upgrade to the original 6G firewall. Sites using the previous version will need to disable […]

Using the GridPane ModSec Web Application Firewall

Index  Introduction Using the Firewall Provision a server and deploy a GridPane Site Enable/Disable the GridPane 6G WAF Adjusting ModSec Waf Sensitivity Setting the Paranoia Level Setting the Anomaly Threshold ModSec WAF Audit Logging Adding exceptions and whitelists to tune the core ruleset Exceptions versus Whitelist Adding a whitelist rule Introduction Developer plan accounts have […]

Moving a Website that’s had a malware infection

If you have a website that’s been infected with Malware, the first thing to do is make sure there are no other websites that are on the same system user – if there are, move them to their own system user immediately.  Second, we recommend you completely disable your site and access it via a […]

Configuring Fail2Ban to Prevent Brute Force Attacks

TABLE OF CONTENTS  Introduction Part 1. Use GP-CLI to Configure Fail2Ban for Strict Brute Force Protection Step 1. Setup a custom rule and jail for wp-login.php Step 2. Setup a custom rule and jail for xmlrpc.php Part 2. Use the WP Fail2Ban Plugin Integration Enabling/Disabling Fail2Ban integration with WP Fail2Ban Blocking User Enumeration Block Stupid Usernames […]