Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

334 questions
0
votes
1 answer

Modsecurity: Whitelist requests, Block all else?

I'm just reading up about - and experimenting with - modsecurity and hoping someone can educate a little about the method behind the madness. The approach I'd ordinarily take with any firewall is to whitelist what I want to occur whilst blocking all…
befuddled
0
votes
1 answer

mod_security not blocking empty useragent requests

I can't get mod_security to block empty useragent requests. I am not very savvy with it so after searching I found this rule: SecMarker BEGIN_UA_CHECK SecRule &REQUEST_HEADERS:User-Agent "@eq 0"…
san671
0
votes
0 answers

Server won't let me save URLs to MySQL database?

I am posting here because all other forums say it's a server environ issue. I have a site with the ModX CMS on it hosted on a GoDaddy server (not sure what the specific setup is as client has forgotten login details). For some reason (mod_security?)…
MeltingDog
0
votes
1 answer

Fine-grained control over mod_security logging

I installed mod_security2 on several dozen servers (each with several dozen VHosts) and don't have the time to configure it for every VHost. In the default configuration, it produces copious amounts of false positives in log files, so I chose to let…
user2845840
0
votes
2 answers

How to detect brute force in mod-security

I checked the core rule set in mod-security but it didn't contain rules related to brute-force attacks!!! Does anyone know how to write the rules, or of existing rules for this kind of attack? Thanks in advance,
0
votes
1 answer

mod-security not blocking POST request

I have a mod-security compiled from source and installed on Ubuntu Server 12.04, Apache 2.2.22. I loaded the OWASP core rule set, and I can see them getting triggered on the log file /var/log/apache2/error.log with a simple POST request with…
vincentleest
0
votes
2 answers

Nginx, ModSecurity, IP Tables blocking WordPress dos/ddos attack

For the past 14 days I have had my website being hit by millions of WordPress installs over the world which .htaccess is kind of coping with but I am trying to get something to kick them before meeting htaccess. (RewriteCond %{HTTP_USER_AGENT}…
Jack J
0
votes
1 answer

How I can block requests for a specific page?

I would like to completely delete or block access to a specific page in my site. More specifically, I have seen this exploit "Joomla COM_MEDIA Exploit" : http://all1gat0r.blogspot.gr/2013/08/joomla-commedia-exploit.html and from what I see, there is…
0
votes
1 answer

Mod Security2 deactivation rule only from a specified IP address

Is it possible to disable a rule by Mod Security2, only for one specified IP address? Only for one specified IP address & only for one specified path ( /administrator ) ? I tried this: Allow from 123.456.78.999 …
0
votes
2 answers

Modsecurity Preventing Access to WSDL

I have installed mod_security with the OWASP rule set and it is now blocking my ability to call a web service using a WSDL. When my code tries to make the web service call, I see the below in the mod sec audit log (domains, IP's and file names have…
Jason
0
votes
3 answers

Mod_security - Syntax error

I have a password protected directory on my web server. To protect that from brute force attack, I tried to add the IP-Based Blocking config as below in the apache2 config file. But every time I restart Apache2 I get a syntax error. Does anyone know…
Matt
0
votes
0 answers

Nginx + mod_security without a backend server

I want to start using mod_security for Nginx. However, I have read the official doc and something got my attention: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#installation-for-nginx The example configuration is: location / { …
arg
0
votes
1 answer

apache2 reverse proxy broken after modsecurity is installed ubuntu on 12.04.1

This is the first time I have run into an issue like this one. I have a java application sitting behind an apache2 using mod_ajp on 8009. I have noticed that I could not get the client's IP so I have created another virtual host file and switched to…
black sensei
0
votes
1 answer

Apache/ModSecurity - Blocking HTML Textarea with 403 when it contains a linebreak (enter key)?

I have a contact form, within this contact form is a textarea. If I fill out the contact form and in the test area, I enter one line of text, e.g. Example The form completes and I am notified via email. However, if inside of the textarea I do the…
0
votes
1 answer

Modsec: Set env variable based on User-agent

Relatively new to Apache modsec. Trying to do something simple and hitting a wall. I want to set an environment variable based on the User-Agent, and test it by setting a header. I have this: SecRule HTTP_User_Agent "Gecko"…
Nathan Stretch