Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

334 questions
0 votes, 1 answer

sources.list entry for mod_security testing release?

I have a debian "squeeze" installation, but the mod_security delivered with this release is quite old. So I'm thinking of adding an additional line to my sources.list to get the "wheezy" version (wheezy = the version after the current version…
powtac
0 votes, 1 answer

HAProxy health check is logged as TCP_MISS/000 in Squid

We have a HAProxy front-end, load balancing a layer of Squid servers, which handles data from an Apache ModSecurity layer, and which ultimately serves up data from IIS cluster. Each Squid server is mapped to a ModSecurity server in a 1:1…
Matt Beckman
0 votes, 1 answer

What is this mod_security rule trying to prevent?

Today my IP was blocked by my server. I was told it was because of a mod_security rule that got triggered. I'm told that the regex that got triggered was ^((?:(?:POS|GE)T|OPTIONS|HEAD)) I don't know much about mod_security and was told if the…
Mike Grace
0 votes, 2 answers

mod_security on an OWA front end

When using mod_security (installed from EPEL) with Apache 2 on a CentOS box, sometimes users are unable to send messages. I'm having trouble tracing the rule back; the only place I get to is 'inbound anomaly score too high'. Anyone know what I should…
Devnull
0 votes, 2 answers

Web Application Firewall: alternatives to mod_security

mod_security seems to be no longer on Debian repositories. The installation seems quite complicated. The only one I could find is Zorp, which seems even more complicated. Hence I'd like to ask for up to date mod_security howto's or alternative…
MrG
0 votes, 2 answers

How to secure Cpanel/WHM from malicious uploads

Recently my site's index.php file was replaced with some malicious javascript code. I really don't know how it was added to the page. Today when I tried to download the file via FTP, my local anti-virus software gave me a warning. I presume this…
John
0 votes, 2 answers

Disable mod_security on Dreamhost, for a single cgi script

I've searched around a lot, and tried various tweaks to .htaccess files to try to turn off mod_security for a particular cgi script (uber uploader) but it doesn't seem to have any effect. The most popular one I see rehashed all over the web is: #…
Hippyjim
0 votes, 1 answer

How can I have APF block script kiddies that mod_security detects?

In one of the vhosts' error_log I found thousands of lines like these, all from the same IP: [Mon Apr 19 08:15:59 2010] [error] [client 61.147.67.206] mod_security: Access denied with code 403. Pattern match…
Gaia
0 votes, 1 answer

modsecurity won't start with an apache server

I have a Debian server where apache2 is running. I want to use modsecurity for throttling. apache2 info $ apache2ctl -v Server version: Apache/2.4.29 (Debian) Server built: 2018-01-14T11:01:58 I installed libapache2-mod-security2 with sudo apt…
0 votes, 0 answers

It's not making shell script of modsecurity after compiling from source. modsecurity v2.9

I compile modsecurity from source. But it's not making the executable shell script. How can I get the modsecurity shell script? I went back to back but didn't get the shell yet. Any help? root@3c6a29e9f9b5:/home/modsecurity-2.9.3# ./configure…
kolo
0 votes, 2 answers

How to block IPs making requests to specific domain?

I have a server with CSF and ModSecurity enabled. I'd like to set up a rule or configuration that will automatically block (for a specified amount of time) any IP that makes incoming requests to a particular subdomain. In this instance it is…
inspirednz
0 votes, 0 answers

Drop connection without sending packets

I would like to prevent default virtual host behaviour by dropping the connection, so that visitors who navigate to my server via IP or fqdn that isn't included in my virtual hosts get no indication that any web server exists (other than seeing open…
jackar
0 votes, 0 answers

mod-security denying post method due to client's text matching pattern

I have a PHP application where a form has an HTML textarea tag to collect multiline text. One of our clients was having trouble posting, and we couldn't recreate the issue until we tried the exact text. After much checking I found the following in…
Nishu Ali
0 votes, 0 answers

Custom.regex.pm for CSF with mod security

I'm trying to create a custom rule that blocks 403 access triggered by mod security; my modsec audit log looks like this: 2022-06-14 02:15:19.241467 [INFO] [1554] [123.123.123.123:597-Q:189D4DD7523532AE-72#somedomain.com]…
Teddybugs
0 votes, 0 answers

When Modsec is turned on, Google Publisher centre cannot read my RSS feeds

I have a strange issue with this. When I have modsec turned on, my Google News RSS feeds won't work, and I cannot get instant indexing to work because the feeds won't show in my publisher centre. If I turn modsec off, it works. RSS feeds show in my…