Writing a mod security rule to block access to a PHP file

Question

I wish to block access to any file with name "modules.php" in any website. I have written a Rule in mod security but I'm not sure if it is working or not? here is the rule

SecRule REQUEST_LINE "@rx modules.php" \
"phase:2,block,severity:2,msg:'Blocking access to modules.php files.'"

Is that correct?

score 0 · Answer 1 · answered Jan 10 '14 at 03:29

0

It will work. Instead REQUEST_LINE to REQUEST_FILE for better performance.

answered Jan 10 '14 at 03:29

Wei

86
1
3

Writing a mod security rule to block access to a PHP file

1 Answers1