Highest Voted 'mod-security' Questions - Server Fault Stack Exchange

0

votes

1 answer

Mod Security2 deactivation rule only from a specified IP addresses

Is it possible to disable a rule by Mod Security2, only for one specified IP addresses? Only for one specified IP addresses & only for one specified path ( /administrator ) ? I tried this: Allow from 123.456.78.999 …

asked Aug 08 '14 at 11:39

Shake-the-World

11
5

0

votes

2 answers

Modsecurity Preventing Access to WSDL

I have installed mod_security with the OWASP rule set and it is now blocking my ability to call a web service using a WSDL. When my code tries to make the web service call, I see the below in the mod sec audit log (domains, IP's and file names have…

mod-security soap wsdl

asked Aug 05 '14 at 03:27

Jason

381
1
7
20

0

votes

3 answers

Mod_security - Syntax error

I have a password protected directory on my web server. To protect that from brute force attack, I tried to add the IP-Based BLocking config as below in the apache2 config file. But everytime I restart Apache2 I get syntax error. Does anyone know…

apache-2.2 mod-security

asked Jul 22 '14 at 15:24

Matt

11
1
2
5

0

votes

0 answers

Nginx + mod_security without a backend server

I want to start using mod_security for Nginx. However, I have read the official doc and something got my atention: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#installation-for-nginx The example configuration is: location / { …

nginx php-fpm phusion-passenger mod-security

asked May 05 '14 at 16:08

arg

13
1
4

0

votes

1 answer

apache2 reverse proxy broken after modsecurity is installed ubuntu on 12.04.1

this is the first time I have run into issue like this one. I have a java application setting behind a apache2 using mod_ajp on 8009. I have noticed that I could not get the client's IP so I have created another virtual host file and switched to…

ubuntu reverse-proxy mod-proxy mod-jk mod-security

asked Mar 14 '14 at 17:41

black sensei

609
3
10
25

0

votes

1 answer

Apache/ModSecurity - Blocking HTML Textarea with 403 when it contains a linebreak (enter key)?

I have a contact form, within this contact form is a textarea. If i fill out the contact form and in the test area, i enter one line of text, e.g. Example The form completes and i am notified via email. However, if inside of the textarea i do the…

http-status-code-403 mod-security

asked Mar 13 '14 at 06:32

Craig van Tonder

121
2
7

0

votes

1 answer

Modsec: Set env variable based on User-agent

Relatively new to Apache modsec. Trying to do something simple and hitting a wall. I want to set an environment variable based on the User-Agent, and test it by setting a header. I have this: SecRule HTTP_User_Agent "Gecko"…

apache-2.2 mod-security

asked Feb 19 '14 at 01:53

Nathan Stretch

181
2
15

0

votes

1 answer

How to block/ban clients that try to access some paths / urls?

Some spambots hammer my server with nonexisting paths like /user/pass?=asdfdasfas How could I block any access to /user/pass?=* ? Is there a better tool than iptables or csf for catching such crap?

apache-2.2 iptables firewall mod-security csf

asked Nov 28 '13 at 06:12

giorgio79

1,837
9
26
36

0

votes

1 answer

Find excluded keywords for $_POST/$_GET content with ModSecurity?

Our client has ModSecurity 2.0 with Rule Set 2.0.5 but he told us that minor detail at the end of the development. I need to audit all the application code and make sure it does not interfere with ModSecurity. (It already does) I know that you can't…

apache-2.2 mod-security

asked Sep 24 '13 at 07:59

Tristan

498
2
9
27

0

votes

2 answers

How to prevent from uploading shell

What is the best way to prevent from uploading c99shell,r57shell and another php sheller? i want when an attacker upload a shell the sheller don't show for him. I use mod_security ver 1.x Thanks in advance

php security mod-security

asked Jul 09 '13 at 20:43

alysa

11
1

0

votes

1 answer

Apache 2.2.4: problems chroot with modsecurity

I've been installed mod_security. If i simply include in the httpd the configuration files of mod_security, it starts normally. Indeed, if i try to add SecChrootDir /mnt/chr , httpd will start, but at the request of the page it returns either 404…

apache-2.2 httpd chroot mod-security

asked Jun 21 '13 at 21:38

sl34x

23
4

0

votes

1 answer

Proxying while preserving URI with mod_security2

I'm using a proxy: action in mod_security2. I'd like to preserve the full URL of the original request, however, and it seems to be rewriting that to the url in my proxy: action. So a request to http://domain.example.com/foo hits my the below…

apache-2.2 reverse-proxy mod-security

asked May 23 '13 at 13:35

Cian

5,838
1
28
40

0

votes

1 answer

Side effects of using owasp mod_sec rules

I was looking at all the owasp rules for mod_security. How badly does it slow your loading time down if you use them all? What would be the recommended packages to use? I want to mostly block bad UA, SQL and XSS attacks.

linux apache-2.2 http mod-security

asked Oct 31 '12 at 03:48

Thompson Smith

49
2
6

0

votes

1 answer

Mod_security questions and on User-Agent types

Very new to mod_sec I want to block a UA string and I noticed there are a few types: SecRule HTTP_User-Agent SecRule REQUEST_HEADERS:User-Agent What is the real difference between them? My block: SecRule REQUEST_HEADERS:User-Agent "perl"…

linux apache-2.2 mod-security

asked Oct 26 '12 at 05:01

Tiffany Walker

6,681
14
56
82

0

votes

1 answer

Installing mod_security

I have apache and suphp running. How hard is it to install modsecurity? Also, where can I find some light weight/generic rule-sets to not bog apache down?

linux apache-2.2 mod-security

asked Oct 25 '12 at 16:28

Thompson Smith

49
2
6

Questions tagged [mod-security]