Osamah Sulaiman AlHenaki
Abu Omar AlBasri High School, Riyadh, Central, SAUDI ARABIA
This project is about protecting websites hosting servers from unauthorized entries and hacking activities by writing certain defined rules using MOD_SECURITY open-source web application Firewall.
The defined rules are easy to implement by the public (inexperienced computer users). Therefore, web server owners could save money and time by using the proposed MOD_SECURITY rules.
The defined rules are short compared to traditional firewall settings. This helps in optimizing web server performance.
In addition, the rules are concise and focused on unwanted requests and suspicious hacking attempts, unlike traditional firewall settings that are broad and over protective which results in preventing otherwise authorized activates. For example, sending e-mails using words like "Cookies" can result in blocking innocent e-mail sending. Also, naming system files with C99.php can get them blocked as they resemble C99 hacking shell.
The recommended rules also protect against encryption and transfer coding.
In conclusion, using well-defined, optimized & easy to implement MOD_SECURITY rules is an effective way for inexperienced owners of website hosting servers to save money and protect against unwanted hacking attempts while not preventing innocent requests due to over protecting rules.