Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

334 questions
2
votes
2 answers

how I can know which version of mod security that I had on the server? and how I can update it?

I'm using cpanel (11.25 Stable 46156) with mod security installed. How can I know the version of mod security that installed in the server? How can I update mod security manually or make it update automatically ?
Libyano
  • 141
  • 2
  • 2
  • 8
2
votes
3 answers

How do I remove the ServerSignature added by mod_fcgid?

I'm running Mod_Security and I'm using the SecServerSignature to customize the Server header that Apache returns. This part works fine, however I'm also running mod_fcgid which appends "mod_fcgid/2.3.5" to the header. Is there any way I can turn…
matthew
  • 1,309
  • 1
  • 11
  • 21
2
votes
1 answer

How to disable mod_security2 rule (false positive) for one domain on centos 5

Hi I have mod_security enabled on a centos5 server and one of the rules is keeping a user from posting some text on a form. The text is legitimate but it has the words 'create' and an html tag later in it so it is causing a false…
nicholas.alipaz
  • 155
  • 2
  • 7
2
votes
2 answers

Necesity of ModSecurity if Apache is behind Nginx

I have my Apache installed behind Nginx. So every request that comes in is first handeled by Nginx. If there is dynamic content needed the request is send to Apache which listens on port 8080. Pretty basic reverse proxy setup. Now with this setup…
Saif Bechan
  • 10,892
  • 10
  • 40
  • 63
2
votes
0 answers

Efficient and comfortable mod_security monitoring with sentry.io or similar tools?

When using mod_security one might drown in error reports. sentry is a comfortable tool to monitor software errors, sort them, ignore unimportant ones and so on. I was wondering if it is possible to connect mod_security with sentry.io? The only…
Alex
  • 476
  • 13
  • 35
2
votes
0 answers

How to make mod_remoteip and mod_evasive work together

I have several Cento7 machines running Apache 2.4. They are behind a load balancer. The load balancer pass X-Forwarded-For header with client IP. In order to have mod_evasive to use the real client IP, I enabled mod_remoteip. Here is my config for…
user3908406
  • 143
  • 1
  • 4
2
votes
2 answers

mod_security 403 forbidden response is returning homepage content with WordPress mod_rewrite

I'm using mod_security on various websites, some WordPress and some not. I notice that on a non WordPress website the following: https://test-site.com/?exec=/bin/bash returns a 403 forbidden error code, along with the Apache "forbidden" error page.…
MrCarrot
  • 345
  • 1
  • 4
  • 13
2
votes
5 answers

500 Internal Server Error when adding a line in the .htaccess file

I need to add the following line into my .htaccess file in order to get my website working with mod_security SecFilterScanPOST Off but then I get an error Internal Server Error The server encountered an internal error or misconfiguration and was…
Elitmiar
  • 775
  • 3
  • 15
  • 31
1
vote
0 answers

mod_security does not block invalid URI requests

I am quite new to Modsecurity and need some help to secure my development server. I have Apache 2.4 installed with Mod Security 2.8.0 I have also installed OWASP ModSecurity Core Rule Set ver.3.2.0 Now, I am trying to block all requests that do not…
user3132858
  • 143
  • 2
  • 6
1
vote
1 answer

Apache - Custom error page returning error AH01071 only for file requests

I have a site hosted with a shared hosting provider. It is an Apache with FPM/FastCGI and PHP 7.2 Being shared hosting, the only configuration I have access to is htaccess, but obviously not any of the Apache conf files. I have a custom error page…
Nicolas
  • 201
  • 1
  • 3
  • 8
1
vote
1 answer

Modsecurity - entire web pages being posted to log

I am running the latest version of Modsecurity on Ubuntu 18.04 and I'm having an odd problem that I cannot find through searching. The problem is that certain visitors to my server are posting the entire contents of web pages to the log. The posts…
User6655
  • 11
  • 5
1
vote
1 answer

Can I setup redirects with Modsec?

The web servers I managed are all running Apache 2.4 with Modsec. Is it possible to write a rule that will serve up a different page if matched by Modsec? I want this to be independent of the domain. For example, if domain1.com/login or…
dstana
  • 285
  • 1
  • 10
1
vote
2 answers

ModSecurity SecRule based on original browser url, not internal rewrite (index.php, app.php, etc.)

I'm working on a Symfony 2 site, and am trying to create a ModSecurity rule to match a particular browser URL. IE example.com/results Symfony 2 internally rewrites all requests to app.php using rules in .htaccess, so when I check REQUEST_URI in the…
Nathan Stretch
  • 171
  • 1
  • 15
1
vote
2 answers

How to use modsecurity with lighttpd

I'm not an expert and I'm looking to use modsecurity with lighttpd Can someone explain me how to compile or install modsecurity for lighttpd because I can't find any documentation online
freeze
  • 11
  • 1
1
vote
1 answer

ModSecurity: setenv within SecAction not effective

I am trying to debug an issue with ModSecurity. Using ModSecurity 2.9.2 on Apache 2.4.33. I've simplified the situation as far as possible, but have run into a wall. I'm working within a virtualhost config. Here's what I'm trying to do: SecAction…
Nathan Stretch
  • 171
  • 1
  • 15
1 2 3
22 23