Support

Admin Tools

#11615 Hosting Joomla website on server without ModSecurity

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Monday, 19 March 2012 09:19 CDT

Sunday, 18 March 2012 21:57 CDT

agnamr
Mandatory information about my setup:Joomla2.5 website (not yet public) running on ApacheServer2.2.22

Joomla! version:2.5.3
PHP version: 5.3.8
MySQL version: 5.0.91Host: pair networks
Admin Tools version: 2.2.0

Description of my issue:
THis is not a bug or problem,more a sanity check to make sure that I am using AdminTools in the correct environment (so please refer meto another forum if not appropriate to ask this here). My hosting provider does not use mod_security (which is recommended by Joomla.org), instead using fail2ban and ipfw and "intensive monitoring". Should I expect any issues with this?

Monday, 19 March 2012 02:57 CDT

nicholas
fail2ban and ipfw are regular firewalls (actually, they are just frontends to Linux' iptables if I recall correctly), i.e. they block TCP and UDP traffic based on the traffic pattern. They are not web server firewalls in the way mod_security is, i.e. they do not block incoming requests; they will allow almost all incoming requests to go through the web server.

Even though Admin Tools and Joomla! can work on such an environment, it's less secure than having mod_security installed and properly configured. Well, it's not something to lose your sleep over. We're talking about whether you are very paranoid with security, or completely paranoid with security. I wouldn't worry much.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 19 March 2012 09:17 CDT

agnamr
Thanks, so far my paranoia level is "very" not "completely".

Monday, 19 March 2012 09:19 CDT

nicholas
You're welcome! My paranoia level increases every day, but I'm of course exposed to all kind of strange disaster stories which are probably very unlikely to happen on your average site :)

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!