SAFE. It can be a metal box with a combination where you can put your highly confidential documents or expensive valuables for safekeeping; or an underground shelter which you believe that can protect anyone from any kind of storm or calamity. But is there really a place, storage, or anything that is safe? With regards to the Internet these days, is there really something we can call safe? With all the emerging threats and many hackers exploiting vulnerabilities of different web applications, how can you protect yourself from such malicious threats?
One of the most common security practice for protecting web applications is the use of web application firewalls (WAF). A WAF is a solution that identifies and blocks attacks. It has four different types namely, appliance-based, server-based, cloud-based and application-based. An open source WAF that is also used widely is ModSecurity. It is an open source, application-based WAF which is known to be the “Swiss Army Knife” of WAFs because of its HTTPs traffic visibility, virtual patching and many more features.
What is WebRanger?
WebRanger is security solution that proactively protects your website or web applications from incoming threats, 24×7. It is a combination 3 key solutions that make WebRanger unique and effective: a Web Application Firewall (or WAF), an analytics platform, and easy communication with a team of security experts.
What are the differences between ModSecurity and WebRanger?
ModSecurity is called the “Swiss Knife” of WAFs because it can do a lot of things and because it is open source, you can freely tweak it to fit the needs of your web application. Although, unlike WebRanger, ModSecurity only works in an Apache web server. Some of the added features on its new version (ModSecurity 2.9) are the OWASP Core Rule Set which enables it to protect web applications against the OWASP Top 10 and the embedded mode which allows it to be like an extension of the Apache web server.
Both WebRanger and ModSecurity have their own pros and cons, but here is why WebRanger is a great alternative to ModSecurity:
ModSecurity’s pros are its embedded mode, full HTTP logging and virtual patching. Its embedded mode feature is good for those who already have a laid out architecture since it can just be plugged in an existing web server (Apache). It also fits those who are aiming to protect multiple web servers although the embedded mode only protects the local web servers and consume local resources such as CPU and instead of RAM. Its virtual patching feature allows repairing of applications without touching the applications themselves. But the problem is that you need to be able to have full control of the web server, which in most hosting providers, you don’t have access to.
WebRanger’s pros are that you don’t need to deal with the web server and require admin access to it. It truly sits on the web application layer. WebRanger comes with a full-time security operations center (SOC) monitoring and protecting your website, 24×7, and its console is also able to provide in-depth details and analysis of attacks events, as well as other traffic analytics. It also is a cross platform for web servers so you won’t have to worry if it is okay to be ran in any of your web servers unlike ModSecurity which is only allowed to be paired with Apache web server and requires you to have control over the webserver (in which some hosting providers doesn’t allow). WebRanger is currently supporting PHP and ASP.NET platforms, and JSP and Ruby support is on its way.and
Then again, no single security approach applies to everyone. Even with the features of both ModSecurity and WebRanger, it is still up to you as an administrator to gauge which one best fits the need of your web application, availability of access, and feature requirements. Also, no one will stop you from using both ModSecurity and WebRanger. It would be a great idea to use both solutions and get double protection from both! ModSecurity for multiple web server protection and full HTTP logging. WebRanger for your managed threat protection and analysis.