Server security WAF

Hello All

I’ve been kind of a security freak for the past few months, exploring the best servers and panels, mainly within open source, as I am a DIYer and not an expert, and I always want to have my domains running with the maximum possible flexibility without being tied to the high fees charged for the major commercial panels.
Vestacp initially and now Hestiacp have been my best bet, and I see a huge improvement in Hestiacp in relation to Vesta, which is great. I hope this project does not die, but it will need some commercial component to give the creators enthusiasm to continue! Otherwise, with time, it might start to “die out”.

I found this interesting article, and it sounds like something great to add to Hestiacp as a default security installation. I did not implement it; I would like to see your comments about this.

Many thanks!

And probably more suggestions :slight_smile:

But nginx has many great functionalities we don’t use…
Like https://github.com/FRiCKLE/ngx_cache_purge
and many more

If we consider building “our own” Nginx packages, we should consider good add-ons first…

Security is a good thing! But one of the problems with mod_security is it needs to be tailored to each site. One site might work OK with OWASP rules while another might break. So it really needs to be applied on a case by case basis, by someone who puts it in training mode and then picks through the results.
Enabling it by default for all sites on a Hestia server would undoubtedly create a deluge of “My website doesn’t work” complaints, which the Hestia team would probably not enjoy.
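
The "training mode, then pick through the results" step described in the post above, as an added example (not part of the original post and not Hestia code): it tallies ModSecurity warnings from an nginx error log written under `SecRuleEngine DetectionOnly`, per site, URI and rule ID. The log lines are constructed, and the `min_clients` threshold and `review_first` flag are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample: ModSecurity v3 warnings as they appear in an nginx
# error log under "SecRuleEngine DetectionOnly" (shortened; not real traffic).
SAMPLE_LOG = """\
2024/01/10 10:00:01 [error] 9#9: *1 [client 198.51.100.7] ModSecurity: Warning. [id "941100"] [msg "XSS Attack Detected via libinjection"] [hostname "blog.example"] [uri "/wp-admin/post.php"]
2024/01/10 10:02:13 [error] 9#9: *2 [client 198.51.100.8] ModSecurity: Warning. [id "941100"] [msg "XSS Attack Detected via libinjection"] [hostname "blog.example"] [uri "/wp-admin/post.php"]
2024/01/10 10:05:40 [error] 9#9: *3 [client 198.51.100.9] ModSecurity: Warning. [id "941100"] [msg "XSS Attack Detected via libinjection"] [hostname "blog.example"] [uri "/wp-admin/post.php"]
2024/01/10 10:06:02 [error] 9#9: *4 [client 198.51.100.7] ModSecurity: Warning. [id "941100"] [msg "XSS Attack Detected via libinjection"] [hostname "blog.example"] [uri "/wp-admin/post.php"]
2024/01/10 10:07:00 [error] 9#9: *5 upstream timed out, client: 198.51.100.7, server: blog.example
2024/01/10 11:00:00 [error] 9#9: *6 [client 203.0.113.50] ModSecurity: Warning. [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [hostname "shop.example"] [uri "/search"]
2024/01/10 11:00:04 [error] 9#9: *7 [client 203.0.113.50] ModSecurity: Warning. [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [hostname "shop.example"] [uri "/search"]
"""
FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')     # [id "941100"], [uri "/x"], ...
CLIENT = re.compile(r'\[client ([^\]\s]+)\]')  # [client 198.51.100.7]

def parse_line(line):
    """Return (host, uri, rule_id, client) for a ModSecurity warning, else None."""
    client = CLIENT.search(line)
    fields = dict(FIELD.findall(line))
    if "ModSecurity:" not in line or client is None or "id" not in fields:
        return None
    return (fields.get("hostname", "-"), fields.get("uri", "-"), fields["id"], client.group(1))

def summarize(log_text, min_clients=3):
    """Count hits and distinct clients per (site, URI, rule)."""
    hits = defaultdict(lambda: {"count": 0, "clients": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            host, uri, rule, client = rec
            hits[(host, uri, rule)]["count"] += 1
            hits[(host, uri, rule)]["clients"].add(client)
    # Assumed heuristic: a rule tripped by many distinct clients on one URI is
    # more likely a site feature than one attacker, so a human checks it first.
    report = [{"host": h, "uri": u, "rule": r, "count": e["count"],
               "clients": len(e["clients"]),
               "review_first": len(e["clients"]) >= min_clients}
              for (h, u, r), e in hits.items()]
    report.sort(key=lambda x: (-x["clients"], -x["count"], x["host"], x["uri"], x["rule"]))
    return report

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

The output is only a review queue: whether a given rule is a false positive for a given site still has to be decided by a person looking at the matched requests.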

Thank you @pluto @eris
I think I am getting there! :wink: