Stack Overflow
Stack Overflow

Questions tagged [mod-security]

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

As of December 27, 2015 the latest stable release of ModSecurity is version 2.9.0.

Useful links:

476 questions
0
votes
1 answer

ModSecurity and "Northwind"

I've built a PHP registration system, that I've been using for a number of years. Recently, someone was trying to register and their billing address contained the word "Northwind". This gets flagged by ModSecurity in CPanel and rejected…
isshakes
  • 56
  • 7
0
votes
1 answer

Ngnix ingress controller Modsecurity (OWASP Ruleset) high latency response

In our AWS EKS environment, I deployed Nginx ingress controller through helm, following the official Nginx install guide and adding a configmap yaml that enables Waf modsecurity in this ingress with OWASP v3.3.0 ruleset. It stands behind aws nlb It…
Rubenoh
  • 1
0
votes
2 answers

Modsecurity - Block request_uri but return code 200

I'm really new to modsecurity and I'm having some issues in understanding the rule editing. I need to return 200 to the requests arriving form a specific endpoint that starts with /myendpoint/ but I still want to deny the endpoint to do anything…
Maonat
  • 27
  • 1
  • 6
0
votes
1 answer

To realize ModSecurity same processing on Spring Cloud Gateway

I am working on a project that realizes the same function as ModSecurity with Spring Cloud Gateway. We also aim to realize the function of reading the core rule set. In other words, we are aiming for a Java version of Web Application…
ともしん
  • 1
0
votes
1 answer

ModSecurity Block invalid host referer

I need a rule to block all POST requests to wp-login.php, But I need to check if the referer domain is equal to requested domain name We need to check such things: check for requested domain value (example: sitename1.com) check for referer domain…
Farhad Sakhaei
  • 894
  • 10
  • 28
0
votes
1 answer

can modsecurity be installed on nginx for windows?

I have not found any tutorial for the installation of modsecurity in windows, all the ones I find are for linux systems Does anyone know if it is supported?
Luis Alberto Gonzalez Diaz
  • 79
  • 1
  • 8
0
votes
1 answer

How to REQUEST_URI ARGS or Params Dynamic in ModSecurity

Example url /outlet/?filter_cor=linho,metalizado,caramelo,bordo,listrad I would like to know if it is possible to make a rule in modSecurity that where are the arguments "linho,metalizado,caramelo,bordo,listrad" if the names are changed he accepts…
Renato Andrade
  • 1
  • 1
0
votes
1 answer

ModSecurity: Block simultaneous requests to multiple sites

I need to block simultaneous requests to multiple sites using ModSecurity For example sometimes an IP address try to access multiple sites URLs in same time, which most of them are hacker or robots: 121.122.123.124 site1.com GET…
Farhad Sakhaei
  • 894
  • 10
  • 28
0
votes
1 answer

Default phase in modsecurity rules?

I run modsecurity2 on apache 2.4 server on a CentOS machine (WHM enabled). To whitelist msnbot, my hosting provider asked me to add the following rule SecRule REMOTE_HOST "@endsWith .search.msn.com" "allow,nolog,id:5000003,msg:'msn bot'" There was…
Kannan
  • 123
  • 8
0
votes
1 answer

Do OWASP CRS modsecurity rules prevent DOS as in these 2 scenarios?

From OWASP CRS (modsecurity) related docs (which I can find in the public domain) I can infer that brute force and DOS protection have been taken care of. However, I am not able to find specific details regarding the rules that prevent DOS.…
Kannan
  • 123
  • 8
0
votes
0 answers

How to identify if there are any attachments in REQUEST_BODY for creating a ModSecurity exclusion rule

We are using ModSecurity CRS 3.0.2 and need to exclude rule 930110 which blocks requests if it contains patterns '../' and '..\'(Path Traversal Attack). If we attach a file while submitting the request, this pattern gets matched frequently and…
Karthik
  • 1
  • 1
0
votes
0 answers

Kong with OWASP ModSecurity optional configuration include

For customizing of ModSecurity configuration I have included to the modsecurity.conf following line: Include /etc/modsecurity/*.conf But without any conf file in the directory (usual case on my enviroment), a kong failing during startup Error:…
demon101
  • 544
  • 1
  • 11
  • 39
0
votes
1 answer

Weird behavior of Apache2 ModSecurity2

I am hosting a nextcloud application on my apache2 production server on which I use modsecurity for hardening. As modsecurity will detect many requests generated by Nextcloud as false positives, I want to enable the special modsecurity nextcloud…
PXLDEV
  • 53
  • 1
  • 8
0
votes
1 answer

How to ban IP addresses requesting specific directory using apache

Hello I'd like to permenently ban anything requesting the directory "/backups/" now how can I do that using a PHP script or mod_security? I want to do this in a similar manner as iptables does this if possible.
FreakAnon
  • 399
  • 3
  • 4
0
votes
2 answers

How to enable mod_security on Windows 2008 IIS

I am trying to install PIWIK (http://piwik.org) on Windows 2008 server and IIS 7. PIWIK is using PHP and MySQL. When I run the install process, I got the following error. I don't know how can I enable mod_security and HTTP Authentication for…
TTCG
  • 8,805
  • 31
  • 93
  • 141
1 2 3
31 32