Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

344 questions

1 vote, 1 answer

Apache2 error "ModSecurity: Found another rule with the same id" Ubuntu18.04

Downloaded v3.2.0 https://coreruleset.org/installation/ following instructions located in file INSTALL. But Apache cannot start and returns this error - AH00526: Syntax error on line 800 of /etc/apache2/crs/crs-setup.conf: яну 19 01:36:09…

1 vote, 0 answers

mod_security does not block invalid URI requests

I am quite new to ModSecurity and need some help to secure my development server. I have Apache 2.4 installed with ModSecurity 2.8.0. I have also installed OWASP ModSecurity Core Rule Set ver. 3.2.0. Now, I am trying to block all requests that do not…
user3132858 • 143 • 2 • 7

1 vote, 1 answer

Apache - Custom error page returning error AH01071 only for file requests

I have a site hosted with a shared hosting provider. It is an Apache with FPM/FastCGI and PHP 7.2. Being shared hosting, the only configuration I have access to is htaccess, but obviously not any of the Apache conf files. I have a custom error page…
Nicolas • 201 • 1 • 3 • 8

1 vote, 1 answer

Modsecurity - entire web pages being posted to log

I am running the latest version of Modsecurity on Ubuntu 18.04 and I'm having an odd problem that I cannot find through searching. The problem is that certain visitors to my server are posting the entire contents of web pages to the log. The posts…
User6655 • 11 • 1 • 5

1 vote, 1 answer

Can I setup redirects with Modsec?

The web servers I managed are all running Apache 2.4 with Modsec. Is it possible to write a rule that will serve up a different page if matched by Modsec? I want this to be independent of the domain. For example, if domain1.com/login or…
dstana • 285 • 2 • 10

1 vote, 2 answers

ModSecurity SecRule based on original browser url, not internal rewrite (index.php, app.php, etc.)

I'm working on a Symfony 2 site, and am trying to create a ModSecurity rule to match a particular browser URL, i.e. example.com/results. Symfony 2 internally rewrites all requests to app.php using rules in .htaccess, so when I check REQUEST_URI in the…
Nathan Stretch • 181 • 2 • 15

1 vote, 2 answers

How to use modsecurity with lighttpd

I'm not an expert and I'm looking to use modsecurity with lighttpd. Can someone explain to me how to compile or install modsecurity for lighttpd, because I can't find any documentation online?
freeze • 11 • 1

1 vote, 1 answer

ModSecurity: setenv within SecAction not effective

I am trying to debug an issue with ModSecurity. Using ModSecurity 2.9.2 on Apache 2.4.33. I've simplified the situation as far as possible, but have run into a wall. I'm working within a virtualhost config. Here's what I'm trying to do: SecAction…
Nathan Stretch • 181 • 2 • 15

1 vote, 3 answers

Disable server signature on nginx with modsecurity

I have compiled modsecurity and headers_more_module with nginx(1.13.6) on my ubuntu server. When modsecurity is not enabled at the nginx configuration, I am able to hide the origin server's name in the server responses: Server: nginx However, when…
TrickyExplorer • 89 • 1 • 3 • 11

1 vote, 1 answer

How to deactivate base64 logging in modsecurity

In my modsecurity audit log there are base64-encoded images which were logged from owncloud uploads. How can I add a custom rule in my virtualhost definition so that uploads are not logged as base64-encoded text? I found something that should work…

1 vote, 1 answer

Configuring modsecurity for nginx

I have installed nginx using apt-get and now I want to implement modsecurity, a web application firewall on it now. All the solutions and procedures available online show the manual configuration of nginx(using git clone). Can anyone tell me how I…
TrickyExplorer • 89 • 1 • 3 • 11

1 vote, 1 answer

Can't increase max POST size in Apache2

I'm trying to increase the POST requests size in order to let the users upload "big" files, after lots of "413 Request Entity Too Large" errors with small uploads (around 2 Mb). My Apache2 is running on Ubuntu 16.04 with mod_security2 enabled, so I…
TheUnexpected • 131 • 1 • 1 • 6

1 vote, 1 answer

Exclude sensitive data from modsecurity log

I'm setting up Modsecurity, and I have noticed that some sensitive data (credit card numbers) ends up in the log. How should I prevent this? Preferably I would want it logged, but with the sensitive data mangled. Example of a sensitive line in…
klutt • 167 • 1 • 8

1 vote, 1 answer

High no of hits by facebook crawler on server

There are daily about 3000 404 hits or more from facebook crawler. Log is as X.X.X.X Y.Y.Y.Y - - [24/May/2017:03:43:35 +0000] "GET /health-and-medicine/trumps-2018-budget-cuts-funding-for-cancer-mental-health-and-hiv-research/ HTTP/1.1" 404 292…
YATIN GUPTA • 203 • 1 • 2 • 9

1 vote, 1 answer

Can I disable ModSecurity rule via .htaccess?

On a new server for my website, a CentOS, when I try to upload an image via PHP and the file name contains a special character, like "my'file.jpg", I get a forbidden page and I can't even try to handle the error via PHP. In log files I find…
al404IT • 123 • 1 • 7