You should never have to run a website out of your home directory. EVER. You would otherwise have to give the web server the ability to traverse through /home/ to see the directory structure, but also into /home/$USER/ (your user’s home directory, where we can try and see what else exists in your user directory), as well as any other subfolders …
Install Apache’s mod_security & mod_evasive to prevent DoS/Brute-Force attacks on CentOS
I have been searching for a free open source solution to protect my web application against prying hackers, malicious screen scrapers, illegitimate crawlers, rampant bots and abusive API users. Besides being free and open source, the minimum requirement is that the solution can identify rogue user IP addresses and blacklist them if necessary. Preferably, the …