Highest Voted 'mod-security' Questions - Server Fault Stack Exchange

1

vote

1 answer

Apache error_log filled with modsec blocks

Ever since I enabled Apache modsecurity I've been checking the logs and been seeing the following constantly like 24/7: [Wed Jun 25 12:40:07 2014] [error] [client 112.215.65.61] ModSecurity: Access denied with code 501 (phase 2). Pattern match…

apache-2.2 mod-security

asked Jun 25 '14 at 15:15

Ivan

893
2
9
23

1

vote

2 answers

ModSecurity Error Entries

Recently, I was passed some error logs to take a look into, since we'd had some network spikes recently. However, I've never worked with modsecurity (I'm a programmer just doing this since we don't have a real sysadmin), and something alarming came…

linux security shell mod-security

asked Aug 30 '09 at 06:43

waiwai933

166
1
2
15

1

vote

0 answers

Curl Sourced DDoS: How to detect it & how to stop?

Okay, an Ubuntu server I manage fell victim to a DDoS attack today. Usually this is unpleasant but not that big a deal. A few high server load moments & then it passes. Today was clearly different. For the record, I have years of server attack…

apache-2.2 security ddos curl mod-security

asked Apr 16 '14 at 03:02

Giacomo1968

3,542
27
38

1

vote

2 answers

mod_security configuration issue: Error parsing actions: Unknown action: ver

I am trying to install / configure mod-sec using this tutorial, which uses the OWASP ModSecurity Core Rule Set. However when I go to restart apache, I get the following error: Syntax error on line 53 of…

apache-2.2 security ddos mod-security

asked Jan 07 '14 at 12:50

Bob Flemming

1,245
3
14
17

1

vote

1 answer

How do I handle apache2 modsecurity2 warnings like Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required?

After upgrade from squeeze to wheezy I get loads of these messages in my apache errorlog when I open a webpage on myserver, (changed to myserver.de here): [Sat Oct 19 01:06:21 2013] [error] [client 213.239.220.106] ModSecurity: Warning. Match of "rx…

apache-2.2 mod-security mod-pagespeed

asked Oct 18 '13 at 23:13

rubo77

2,469
4
34
66

1

vote

0 answers

apache DirectoryMatch matching filenames

I have the following code in my security.conf file of apache Options -ExecCGI php_flag engine off This is to prevent php execution…

apache-2.2 mod-security

asked Sep 17 '13 at 17:26

Virendra

111
4

1

vote

2 answers

modsecurity whitelist to allow file downloads?

I have a site that has modsecurity enabled but I am receiving 403 Forbidden when trying to access PDF documents on the server through the web site. Is there a way to whitelist pdf files to allowed to be served through the site or a possible…

apache-2.2 mod-proxy mod-security

asked Aug 14 '13 at 14:56

jeffci

121
1
5

1

vote

1 answer

mod_security to Inspect Post Variables

Can mod_security be used to inspect post variables? It looks like I can through turning SecRequestBodyAccess. I would like to check the username POST field from a form in wp-login.php. If it's value is "admin", I want to return an error and block…

mod-security

asked Aug 07 '13 at 02:32

Jared Pomranky

11
4

1

vote

0 answers

short Apache outages (VPS, ModSecurity)

I have a problem with my site recently hosted at Liquidweb, none of their techs seems to be able to solve this issue even after days. Was hoping I could get some help here. Occasionally, my site's HTTP will not respond - usually 2-3 times a day. It…

apache-2.2 vps http mod-security

asked May 09 '13 at 14:30

user173106

11
1

1

vote

1 answer

Apache vhost-specific logging

I have the following apache setting (in conf.d/owasp-modsecurity.conf): SecAuditLog "/var/www/vhosts/${lowercase:%{SERVER_NAME}}/statistics/logs/modsec_audit.log" When I do httpd -t I get the following error: Syntax error on line 15 of…

apache-2.2 logging mod-security

asked Apr 24 '13 at 08:16

Christian

466
5
23

1

vote

1 answer

Limit mod_security rule to one vhost only

I run several domains (via vhosts) with the same apache installation. Some domains require different mod_security rules than the others. In a seperate exceptions.conf file I collect all those rules and have this syntax: …

apache-2.2 virtualhost mod-security domain

asked Apr 23 '13 at 07:52

powtac

639
2
6
19

1

vote

2 answers

Blocking bad bots

I found this script and was wondering if this is just overkill and even worth using? Is it better for me to just use mod_security? # Generated using http://solidshellsecurity.com services # Begin block Bad-Robots from robots.txt User-agent:…

linux .htaccess mod-security robots.txt

asked Apr 17 '13 at 01:52

Tiffany Walker

6,681
14
56
82

1

vote

1 answer

Mod_security2 and clamav to catch malicious files on upload

Is there a clear documentation to describe the solution? It's very common and also necessary.

upload mod-security clamav anti-virus

asked Apr 04 '13 at 01:09

smhnaji

619
2
11
24

1

vote

1 answer

How do I include a rule set with ModSecurity on IIS?

I'm using ModSecurity 2.7.1 on IIS 7.5 / Windows 2008 R2. I've reference my base set up conf file in my Web.Staging.config of a site like so: How do I…

windows-server-2008 iis-7 asp.net mod-security

asked Dec 11 '12 at 07:02

autonomatt

133
5

1

vote

3 answers

ModSecurity compile error on nginx

I'm trying to install ModSecurity on nginx with the following instructions : wget https://github.com/SpiderLabs/ModSecurity/archive/master.zip unzip master cd ModSecurity-master ./autogen.sh ./configure --enable-standalone-module And i got the…

nginx centos6 mod-security

asked Nov 21 '12 at 16:07

user146481

19
1
3

Questions tagged [mod-security]