The Web Application Firewall from cPGuard is based on Malware.Experts commercial rule set with in-house rules from cPGuard to prevent brute-force login attempts against Wordpress and Joomla.
ModSecurity rules from Malware Expert are based on intelligence gathered from real-world investigations, penetration tests and research data in the REAL LIFE environment of over 10 000 domains. These rules are developed over ten years with the help of real traffic to websites. Web applications must be effectively protected against malware, botnet and hacker attacks at all times. Malware Expert ModSecurity rules provide powerful, real-time protection for web applications and websites running on Apache, Nginx on Linux Servers with ModSecurity. Our rules, provide advanced filtering, security and intrusion protection for PHP applications. Just install ModSecurity, setup Malware Expert’s rules, and automatic background updates is an effort to promote better security for your services and shared web hosting servers.
Generic Apache and PHP rules, broken out into the following attack categories:
Cross-site Scripting (XSS)
Local File Include
Remote File Include
File upload vulnerabilities
Web shells executions
Optimized application specific Mod_Security rules, covering the same vulnerability classes for applications such as:
ModSecurity Rules requirements
– ModSecurity 2.9.x / 3.x and higher (SecRemoteRules)
– Public IPV4/IPV6 address
– Apache, Nginx and LiteSpeed Web Server (LSWS)
To enable/disable WAF rules from cPGuard, please refer this DOC