<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Blocking Web Spam With ModSec Rules

Jun 2, 2020 6:15:20 PM / by Dmitry Tkachuk

 

web-spam

 

Web spam, phishing links, commercial comments, and other unwelcome additions to web pages is a big headache for many webmasters and blog owners. It seems to flow unceasingly to site users, and countermeasures such as comment approval, registration confirmation, and CAPTCHAs are inconvenient for admins and users alike. 

When countermeasures become too obtrusive, they can lead users to avoid a site entirely. Without countermeasures, however, a site can be overwhelmed with spam such as online pharmacy promotions...

 

pasted image 0 (30)

 

...spurious links…

 

pasted image 0 (31)

 

...and phishing links:

pasted image 0 (32)

 

Our research here at Imunify shows that these sorts of spam attacks are becoming more prevalent, especially on sites running WordPress. Since March, we’ve seen millions of such attacks: 

 

unnamed (17)

 

Fighting Spam With ModSec

 

How does the Imunify360 security team fight back against this rising tide of spam attacks? Through ModSecurity rules. We collect information on each spam message, to calculate the reputation of each potential spammer, then incorporate it into the ModSec protection rules. 

Imunify360 users get this protection as part of the default configuration, with no need to manually tune the settings. In the upcoming version 4.8, the new WAF rules auto-configurator helps deliver this web-server protection better, while using fewer CPU and memory resources.

Imunify360 users who disabled or changed their ModSecurity configuration can restore its default spam protection through the GUI by following these instructions. Or, they can do it using the command line by running these commands: 

 

  1. # imunify360-agent install-vendors

  2. # imunify360-agent check modsec directives

 

If the previous check command returned a non-empty result run this command: :

 

# imunify360-agent fix modsec directives

 

Please Share Your Feedback

 

The Imunify product team would like to hear from you. To share your ideas and observations on web-spam protection, please send them to us at  feedback@cloudlinux.com.

If you have questions on how to use Imunify360, or you’d like to resolve a support issue, please contact the Imunify360 support team at cloudlinux.zendesk.com.

 

Topics: Imunify360, Antivirus, Advice, Analytics

Dmitry Tkachuk

Written by Dmitry Tkachuk

Imunify Security, Product Manager

    Subscribe to Email Updates

    Ready to try Imunify?

    30-DAY TRIAL

    Recent Posts