Questions tagged [mod-security]

ModSecurity supplies an array of request and response filtering rules and other security features to the Apache HTTP Server. ModSecurity is an open source web application layer firewall.

344 questions
1 vote, 0 answers

Apache header order

I am working on a private server application for a web based mobile game that uses php to generate responses. In order to do this I am trying to replicate the behavior of the main server as closely as possible. The main server includes the standard…
Bryan
1 vote, 2 answers

Passwords in modsec log files

Are there any best practices or approaches I can take to prevent certain data (e.g. passwords) from being logged into mod-security's log files? We've a call coming into our Apache server (and onto the Karaf backend) that seems to occasionally…
Jeremy Gooch
1 vote, 1 answer

mod_security rule to block GET requests via querystring or referer

In the last days in my VPS there are many many GET requests on 1 file that cause a high memory load (all came from a single refer url, with different IPs). Until now I've blocked these requests via .htaccess # by refurl RewriteCond %{HTTP_REFERER}…
ipel
1 vote, 2 answers

Just added mod_security... want to whitelist a series of sub directories

I am running a host and just updated mod_security. It "broke" a CMS in multiple sites. I want to white list all sub-directories named CMS. How do I specify a rule to do that?
kylex
1 vote, 1 answer

mod_security not working at all

I'm trying to make the mod_security work, I searched a lot on the web, and followed this tutorial to configure mod_security (all my configuration files are the same as the tutorial), and when I run httpd -M | grep -Ei '(evasive|security)' it…
Rogerio Chaves
1 vote, 1 answer

What exactly does the ModSecurity SecCollectionTimeout directive do?

I am having a little bit of trouble with a recurring "Failed deleting collection" error message from ModSecurity (see this discussion @ GitHub for some context). In the discussion of this error it is often suggested that the SecCollectionTimeout…
MRA
1 vote, 1 answer

Apache server fault after configure mod-security2

I configured mod-security from https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_security-with-apache-on-debian-ubuntu . After that I restarted the apache service but I caught an error: The apache2 configtest failed. Output of config test…
Jan Richter
1 vote, 0 answers

ModSecurity on Apache 2.2 in EC2 - HTTP Status 413 messages dropped

Hi I am running Mod_Security on Ubuntu instances in EC2 behind an Elastic Loadbalancer. The app is a Ruby App. I have set SecRequestBodyLimit 293601280 When I upload files below that size, they are processed as expected. When I exceed the size…
1 vote, 1 answer

mod_security RBL - apparent false positive

I'm struggling with an RBL rule in mod_security under apache 2.2 that seems to be giving me a false positive. I see the following in the audit log (IP address redacted): Message: RBL lookup of 4.3.2.1.sbl-xbl.spamhaus.org succeeded at REMOTE_ADDR.…
KenB
1 vote, 1 answer

Proper SSL config for SSL - Apache2 ignores DocumentRoot

So here's my current config: DocumentRoot "/var/www/keypad" ServerName keypad.io SSLOptions +StrictRequire SSLRequireSSL SSLProtocol -all +TLSv1 SSLEngine on …
subdavis
1 vote, 2 answers

Nginx, ModSecurity, IP Tables blocking WordPress dos/ddos attack

For the past 14 days I have had my website being hit by millions of WordPress installs over the world which .htaccess is kind of coping with but I am trying to get something to kick them before meeting htaccess. (RewriteCond %{HTTP_USER_AGENT}…
Jack J
1 vote, 1 answer

Changing ModSecurity Logging on a Per Transaction Basis

I am trying to trace all requests being made to a website on a shared hosting server. Packet capture is just going to be too cumbersome. We use Mod Security (2.8) with good effect, although due to the load we only have limited logging…
Santrix
1 vote, 1 answer

Simple DoS protection with mod_security?

I have mod security2 in ubuntu 14.04 LTS server. I saw the below tutorial: http://blog.cherouvim.com/simple-dos-protection-with-mod_security/ The above sadly does not work for me. Apache error: * Restarting web server apache2 …
1 vote, 2 answers

PHP and Text Area Triggering Mod_Security

I have some text areas in a form that are posted back and stored using PHP / MySQL. However, if a user presses return for a new line in the text area, mod_security is blocking it with the below log entry: Pattern match "\\W{4,}" at ARGS:notes.…
Jason
1 vote, 1 answer

Apache mod_security crs blocking PDF files

I've just installed CRS for Apache mod_security and it's reporting all PDF files as possible attacks. Specifically, it's the modsecurity_crs_20_protocol_violations.conf that's causing the trouble saying those files begin with 0. When a user tries to…
Petr