ModSecurity SecRemoteRules directive allows the user to load rules from a remote server.
Requirements
- Internet connection
- ModSecurity at least 2.9.x
How SecRemoteRules Works
1. When HTTP daemon starts, it loads the configuration files.
2. Configuration files have the SecRemoteRules directive, which tries to connect the Remote Server load rules.
3. When the connection is created successfully, HTTP daemon downloads the rules to the server memory.
4. ModSecurity rules work in memory as long as HTTP daemon is up and running.
ModSecurity Rules Servers
Here is an illustration of how SecRemoteRules works live.
Malware Expert server cluster refers to a group of servers with different geo locations and connections in the world. There are many reasons why this is an attractive thing to do, even for smaller enterprises.
Why are clusters so important?
These reasons include:
– high availability
– load balancing
– parallel processing
– systems management and scalability.
So there are no Single Point of Failure in our ModSecurity Rules system. Our rules are always downloading when your server has a working internet connection and DNS resolves.
Final words
Read more about Malware Expert – ModSecurity rules and protect your web server vulnerabilities with Web Application Firewall.