Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

334 questions
2 votes
1 answer

ModSecurity rule to not scan URI

I am having difficulty creating a new mod security 2.5 rule. My deployment: Apache server, set up as a reverse proxy. (so the Apache web server _does not_ host the website. Instead, I proxy the requests to another server that answers the web…
Arlion
2 votes
1 answer

apache mod_evasive with mpm_prefork settings to work

I have tried to find all the information I could on this and I understand the problem with mod_evasive not working when the server is in the mpm_prefork mode (instead of worker). However, I was able to make it partially work by lowering the…
2 votes
1 answer

How could I exclude mod_security from sub-directories on Amazon EC2 with LAMP?

I have never activated mod_security or edited Virtual Hosts before, so it's a new challenge for me. I tried to follow this tutorial, but it seems that most of the tutorials around the web do not reflect my situation. I have an EC2 instance running…
dr house
2 votes
0 answers

ModSecurity phase not working?

I have installed modsecurity (2.8). So I made my first rule to block a referrer spam with the following: SecRule REQUEST_HEADERS:Referer "buttons\-for\-website\.com" "phase:1,deny,status:403,id:666521134" Then when I fake my referrer in Firefox to…
2 votes
6 answers

mod_security: another rule with same ID

I have installed httpd 2.2.15 on CentOS 6.5 (minimal installation with no cPanel) with modsecurity 2.8. When I am starting httpd I am getting this error: Starting httpd: Syntax error on line 23 of /etc/httpd/conf.d/modsecurity.conf: ModSecurity:…
Ashish
2 votes
0 answers

Nginx and dynamic X-Forwarded-For blocklist

I am running Nginx behind a proxy. I am getting visitors' real IP addresses through X-Forwarded-For HTTP request header. I'd like to block individual IPs based on a dynamic block list, up to 10000+ IPs. I was looking into ModSecurity to do this, but…
Mikko Ohtamaa
2 votes
0 answers

How to solve UNIQUE_ID variable issue in modsecurity_crs_16_session_hijacking.conf ubuntu 10.04

I have been trying to harden Ubuntu 10.04 using modsecurity and its core rules from OWASP version 2.2.5. I have used the package from their GitHub. After the symbolic link of the files in the optional_rules to the activated_rules, Apache started…
black sensei
2 votes
2 answers

How to use Modsec rules on a certain page?

I want to block proxy (x-forwarded) IPs on a certain page (wp-comments-post.php) using Apache Mod_security. My current mod_security rule: SecRule REQUEST_HEADERS_NAMES "^x-forwarded-for" "log,deny,id:48,status:403,t:lowercase,msg:'Don't use Proxy'"
Ram
2 votes
0 answers

ModSecurity: collections_remove_stale: Failed deleting collection

Environment: Ubuntu Server 12.04 64Bit with Apache/2.2.22 (Ubuntu) and Worker mpm with modsecurity 2.7.5 and OWASP CRS latest. Problem: When server is under a load of 1500 concurrent users Mod_Security starts to show the below error in Apache's…
zertux
2 votes
0 answers

log/dump response body

Is there any way to log response body in Apache 2? I need the exact content that will be sent to user browser. I tried mod_security audit logging, but it won't log response body for all requests. (I got confused really. It logs response body for…
kikio
2 votes
0 answers

.htaccess ignored two layers deep on only some hosting plans

I have one .htaccess file doing this: RewriteRule ^system(.*)$ /system/app/$1 [QSA,L] ...and then underneath /system/app, I have another .htaccess file doing this: RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule…
ServerChecker
2 votes
2 answers

Does ModSecurity 2.7.1 work with ASP.NET MVC 3?

I'm trying to get ModSecurity 2.7.1 to work with an ASP.NET MVC 3 website. The installation ran without errors and looking at the event log, ModSecurity is starting up successfully. I am using the modsecurity.conf-recommended file to set the basic…
autonomatt
2 votes
0 answers

Custom collections with mod_security

I would like to create a mod_security collection that is based on something other than the user's IP, Session ID, or username. Specifically, based on the REQUEST_URI. However, mod_security indicates that this is not possible. My question is…
Matt White
2 votes
1 answer

Why use Apache's LoadFile?

Installing mod_security, the instructions direct us to add: LoadFile /usr/lib/libxml2.so LoadFile /usr/lib/liblua5.1.so to httpd.conf. I'm wondering why they might prefer LoadFile to linking with rpath / LD_RUN_PATH /etc.
pra
2 votes
1 answer

Why Is ModSecurity Unable to Access the Data Directory?

Update: I think we've solved this; the problem appears to have been a result of the /modsec_storage directory having an incorrect value for its SELinux context type. However, we're still not sure, because although after I changed the SELinux context…
tommytwoeyes