Highest Voted 'mod-security' Questions - Server Fault Stack Exchange

1

vote

2 answers

Modsecurity Ignore/Whitelist IP

I have looked around on the net and have seen many common answers for this , however, none of them are working. I am trying to use this to ignore whenever our scans kick off in the morning. SecRule REMOTE_HOST "@ipmatch 99.123.33.87"…

asked Jan 15 '16 at 23:08

LUser

217
6
15

1

vote

1 answer

SecRuleEngine Off not working on a single domain in virtual host

I have modSecurity installed and working on a server with multiple hosts and I want to disable some rules for one host only. This is what is what I put in the virtual host file: SecRuleEngine On SecRuleRemoveById…

centos6 mod-security rules

asked Jan 07 '16 at 15:25

williamsdb

483
1
7
17

1

vote

1 answer

Apache 2: Limit Ressources

I'm running some web pages on apache 2.4. At the moment I can see a lot of connections like these on status-page: Srv PID Acc M CPU SS Req Conn Child Slot Client VHost Request 2-0 - 0/0/5 . 1297.48 944 2482371 0.0 0.00 0.26 …

apache-2.4 mod-security debian-jessie

asked Dec 19 '15 at 09:11

MyFault

893
3
14
35

1

vote

1 answer

modsecurity whitelisting certian types of cookies

I am seeing cookies being generated on our server which appear to be from 3rd party objects in the site and don't show themselves when one logs in or navigates through the site. The cookies are random but all start with Wm. So some of them might be…

cookies mod-security

asked Nov 20 '15 at 22:55

LUser

217
6
15

1

vote

1 answer

How can I decrease mod-security severity?

Actually the module blocks calls with "notice" level. How can I decrease the severity level and take it to "warning"?

apache-2.2 apache-2.4 mod-security

asked Nov 06 '15 at 13:29

Alessandro Romeo

37
2
7

1

vote

0 answers

How install PHP 5.4, mod_security and mod_evasive together without conflict

I need create webserver with PHP 5.4, and install mod_security and mod_evasive. But when I try to join the php 5.4 and the mods on an EC2 server, it returns an error of conflict between the versions httpd. I followed the tutorial link trying to do…

amazon-ec2 httpd mod-security

asked Sep 01 '15 at 20:42

Tiago Souza

41
1
5

1

vote

1 answer

mod_security installation not creating /usr/share/modsecurity-crs/

I have a server running ubuntu 14 lamp I´ve installed mod_security: apt-get install libapache2-modsecurity then decided to uninstall using this command: sudo apt-get remove libapache2-modsecurity Then deleted manually (ftp) some files and folders…

ubuntu mod-security

asked Sep 01 '15 at 16:59

Frederico Lopes

13
2

1

vote

0 answers

Apache header order

I am working on a private server application for a web based mobile game that uses php to generate responses. In order to do this I am trying to replicate the behavior of the main server as closely as possible. The main server includes the standard…

apache-2.4 http-headers mod-security

asked May 18 '15 at 17:05

Bryan

11
1

1

vote

0 answers

Test for length of ARG parameter in SecRule - Mod Security

What is the most efficient way to limit the length of a http request parameter using Mod Security? For example, to limit WordPress comment length : SecRule ARGS:comment "^.{65530}" Would this regex expansion slow mod-security down significantly? Or…

mod-security

asked Apr 28 '15 at 09:49

Santrix

253
3
10

1

vote

2 answers

Passwords in modsec log files

Are there any best practices or approaches I can take to prevent certain data (e.g. passwords) from being logged into mod-security's log files? We've a call coming into our Apache server (and onto the Karaf backend) that seems to occasionally…

apache-2.2 mod-security

asked Apr 23 '15 at 20:07

Jeremy Gooch

423
1
4
11

1

vote

1 answer

mod_security rule to block GET requests via querystring or referer

In the last days in my VPS there are many many GET requests on 1 file that cause a high memory load (all came from a single refer url, with different IPs). Until now I've blocked these requests via .htaccess # by refurl RewriteCond %{HTTP_REFERER}…

apache-2.2 mod-security

asked Apr 17 '15 at 11:33

ipel

109
3

1

vote

2 answers

Just added mod_security... want to whitelist a series of sub directories

I am running a host and just updated mod_security. It "broke" a CMS in multiple sites. I want to white list all sub-directories named CMS. How do I specify a rule to do that?

mod-security

asked Sep 23 '09 at 15:37

kylex

1,371
5
13
18

1

vote

2 answers

How to Disable ModSecurity without any Errors

I've enabled Mod_Security on my VPS which runs an Ubuntu OS with an apache web server. Now, I want to disable it because I setup another firewall to protect my server. I've tried preforming the steps in reverse order (taking out lines of code and…

apache-2.2 ubuntu php mod-security

asked Mar 13 '15 at 01:37

Marc Woodyard

87
1
3
9

1

vote

1 answer

mod_security not working at all

I'm trying to make the mod_security work, I searched a lot on the web, and followed this tutorial to configure mod_security (all my configuration files are the same as the tutorial), and when I run httpd -M | grep -Ei '(evasive|security)' it…

centos apache-2.4 mod-security

asked Feb 25 '15 at 01:46

Rogerio Chaves

107
1
8

1

vote

1 answer

What exactly does the ModSecurity SecCollectionTimeout directive?

I am having a little bit of trouble with a recurring "Failed deleting collection" error message from ModSecurity (see this discussion @ GitHub for some context). In the discussion of this error it is often suggested that the SecCollectionTimeout…

apache-2.2 apache-2.4 mod-security

asked Jan 29 '15 at 10:54

MRA

297
1
2
8

Questions tagged [mod-security]