Frequently Asked Questions (FAQ)

Frequently asked questions about Malware.Expert’s Commercial ModSecurity Rules

Q: Can I install Malware Expert rules and Comodo rule set same time ?
A: You can only use Malware.Expert rules or Comodo rules, but not both at the same time!

Q: Can I download the rules locally and explore them?
A: It’s not possible! We protect our property and do not allow downloading the rules locally. Our rules are only allowed to be used in “server” memory, so there is no option to download rules to the local disk. If someone tries to download the rules and copy, distribute, or otherwise share them, we challenge the parties concerned with legal action.

Q: Your rules and updates look limited, how it compares to OSEC, Atomicorp, or even Comodo ones?
A: Our general rules don’t need updates and you get full protection from live attacks. (Optimized for shared hosting, especially WordPress, Joomla, and normal CMS systems). If our general rules are unable to protect against certain vulnerabilities, we will create a patch for that vulnerability.

Most of our customers have hundreds of servers in shared hosting and they have changed from AtomicCorp and Comodo Rules to ours.

Q: What is the rate (time) of updating the rule base? zero hour, daily, weekly?
A: Depends on what we need to release. Our core rules cover 99% of attacks, so we don’t need to add rules daily or even weekly. Here is information on our releases.

Q. Do your rules work with Litespeed?
A: Yes, our rules work with LiteSpeed, Nginx, Apache, and other web servers, that support ModSecurity and SecRemoteRules.

Q. Do your rules work on cPanel servers?
A: Yes, our rules work on Cpanel, DirectAdmin, Plesk, and other Control Panel web servers, that support ModSecurity and SecRemoteRules.

Q. You provide all your rules during the 3-month trial?
A: Yes

Q. Can I use your rules to protect my WordPress blog?
A: Depends whether you are web server owner or administrator. If you are using shared web hosting then you need to ask the service provider to buy our rules and install them on the server.

Q. What applications does commercial rules cover?
A: There is general rules, which cover all applications with these attacks:

  • SQL injection
  • Cross-site Scripting (XSS)
  • Local File Include
  • Remote File Include
  • File upload vulnerabilities

Then there are special rules for WordPress, Joomla, Drupal.

Q. What is the response time for a virtual patch for a newly discovered vulnerability?

A: When we get information or sample details of attacks, we typically add same day patch to vulnerability.