In early-mid 2018 we decided to switch to LiteSpeed for various reasons, one of them being the CPU load experienced while using our Comodo WAF ruleset. Eventually, we got to the point where we tried turning off mod_security rules, and we instantly saw a drop in CPU usage of about 100% (1 core). On certain shared hosting servers with a particular traffic patterns, we noticed Apache would sometimes take up 100-200% (1-2 cores) alone for processing requests within mod_security. The issue with having an extensive list of WAF rules is that it tends to hurt your performance, both in your rules latency, and in the amount of resources your system requires to handle a request. CWAF contains hundreds of rules for SQL injection, cross-site scripting and, more importantly, rules targeting specific software vulnerabilities in WordPress, Joomla, Magento and other known CMS’s. It also protects against generic attacks such as SQL injection, cross-site scripting, backdoors etc. This is done mainly to protect against known vulnerabilities in the open source software our customers use. So, without further ado, here’s Lucas’ story in his own words:Īt Hosting4Real, we run WAF across our fleet. See how its impact on his systems changed dramatically when he switched from Apache to LiteSpeed! Today he’ll be sharing his experience implementing WAF. Lucas is, as he says, “the everything man – sales, support, accounting, coffee drinker, and operations guy” for Hosting4Real. Do you use WAF (Web Application Firewalls) to protect your sites? Our guest blogger, Lucas Rolff does.
0 Comments
Leave a Reply. |