This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Release with php 7 compatibility
#15
RE: Release with php 7 compatibility
Effectively, we don't have a lot of choice as open source web firewall. I'm working for a Canadian hosting company, and we use Mod_security as web firewall layer like 80% of current web hosting.

The avantage of Suhosin on Mod_security, it's because Suhosin do almost a great job without any painful setting and optimization. All you need to do, it's disable some functions and Suhosin does what remain. or almost. The problem with Suhosin, it's because the main developer looks to don't continu the project. At least we have low support and update. It's the reason why I'm working on a project base with Mod_security, fail2ban and the OWASP ModSecurity Core Rule Set. A scalables core rule set with possibility of cron update. All compatible with Fast-cgi, apache and php 7.x . I'm on right optimization and customisation for the Mod_sec rules for Sentora. I'm working on php 7.0.19 without Suhosin.

This is what we need for involve the security of Sentora on the next version :

- Taking off zsudo from the code architecture;
- Put all bases passwords encrypted in the mysql Database;
- Change Suhosin for a customized Mod_security for evolution and compatibility;
- Change the input for ssl.conf for the vhost;
- incorporate a module with Let's Encrypt for give the possibility to the users to install a Free SSL through the interface.

With these ameliorations, I think Sentora can gain in popularity. Because one of the biggest critic about Sentora, his about his security leak.

Eulogy.
Reply
Thanks given by:


Messages In This Thread
Release with php 7 compatibility - by Eulogy - 05-27-2017, 07:28 AM
RE: Release with php 7 compatibility - by TGates - 05-28-2017, 04:48 AM
RE: Release with php 7 compatibility - by Eulogy - 05-28-2017, 05:08 AM
RE: Release with php 7 compatibility - by Eulogy - 05-28-2017, 06:25 AM
RE: Release with php 7 compatibility - by Eulogy - 05-28-2017, 11:51 AM
RE: Release with php 7 compatibility - by Eulogy - 05-29-2017, 12:37 AM
RE: Release with php 7 compatibility - by Eulogy - 05-29-2017, 01:19 AM
RE: Release with php 7 compatibility - by Eulogy - 05-29-2017, 03:29 AM
RE: Release with php 7 compatibility - by Me.B - 05-29-2017, 04:56 PM
RE: Release with php 7 compatibility - by Eulogy - 05-29-2017, 08:16 PM
RE: Release with php 7 compatibility - by TGates - 06-02-2017, 02:45 AM
RE: Release with php 7 compatibility - by Eulogy - 06-03-2017, 11:38 AM
RE: Release with php 7 compatibility - by kvcodes - 07-01-2018, 12:57 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
1.0.4 release Me.B 17 38 ,872 02-25-2018, 07:29 AM
Last Post: TGates

Forum Jump:


Users browsing this thread: 2 Guest(s)