Stack Overflow
Stack Overflow

Questions tagged [mod-security]

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

As of December 27, 2015 the latest stable release of ModSecurity is version 2.9.0.

Useful links:

476 questions
0
votes
1 answer

Apache Mod Security-Core rule set issue

In my application I have implemented mod security and as it's generic for few URL I have blocked few rules for particular location (URL). But I am OWASP error with below URL and not getting able or finding the way to block rules for this URL. So…
Souvik
  • 1,219
  • 3
  • 16
  • 38
0
votes
0 answers

Splitting binary file on tags?

I have a ModSecurity log file which contains parts which contain either text or binary data. I need to split this file according to the tags which are noted at the start of each part so i can do filtering of data for permanent storage. So for…
Kenny Steegmans
  • 307
  • 4
  • 21
0
votes
1 answer

exec() just run when i access target php in browser

i use this code to run another php for some work (ffmpeg convert) $binpath = get_option('binpath','/usr/bin/php'); $command = $binpath." -cli -f ".ABSPATH."/videocron.php"; exec( "$command > /dev/null &", $arrOutput ); but when i upload…
Mohammad Shojaa
  • 91
  • 1
  • 7
0
votes
1 answer

Excluding group of rules for specific arguments

I see many requests blocked in my modsec_audit.log because of sql injection rules applying to JSESSIONID cookie. I am trying to avoid those rules for that particular cookie name. My last attempt was: SecRuleUpdateTargetByTag…
Fabio B.
  • 9,138
  • 25
  • 105
  • 177
0
votes
1 answer

Exclude trusted bots in mod_security

I am struggling to make mod_security completely bypass bots I trust. I wrote these example instructions at the bottom of my /etc/modsecurity/modsecurity.conf SecRule REQUEST_HEADERS:User-Agent "Googlebot"…
Fabio B.
  • 9,138
  • 25
  • 105
  • 177
0
votes
1 answer

mod_security rule 981203 false positive

I just installed mod_security on my Apache2 web server. I activated all of the base_rules/ from OWASP CRS. I found a false positive by looking inside of /var/log/apache2/modsec_audit.log. The target URL…
Fabio B.
  • 9,138
  • 25
  • 105
  • 177
0
votes
2 answers

how to disable mod_security?

I know this is already discussed here but unfortunately I did not find the solution. I am using Hostgator shared hosting account and I installed the script which fetch the video from youtube.com. All is well however when I use the option to fetch…
Ali
  • 11
  • 1
  • 1
  • 2
0
votes
1 answer

Magento 2 cannot save category description - modsecurity SQL injection rule

I am working on a Magento 2 project and have been having trouble saving category descriptions. In the Catalog Save controller action (Magento\Catalog\Controller\Adminhtml\Category\Save), I was logging the request…
LoganGS
  • 91
  • 1
  • 8
0
votes
1 answer

atomicorp.com unsupported delayed rules causing Cpanel IP Blocked

I'm having very big trouble with atomicorp.com unsupported delayed rules, anytime I'll try to change something in admin (Social Networks) Cpanel block my IP address and I've to contact my host to solve it. If anyone has same issue, Please provide…
user6276867
  • 99
  • 1
  • 3
  • 10
0
votes
0 answers

Secure sensitive web dir folder

In a app which is using ussd to make payment and later the offline app is uploading tokens to online app for use. I would like to be shared some ways and considerations to be taken to a folder which is keepin tokens in XML format. Currently my…
FetchLazy
  • 30
  • 6
0
votes
1 answer

How to "tail" the modsecurity logfile until a certain timestamp?

I have a modsecurity logfile where I want to get the last events until a certain timestamp. A short introduction in how modsecurity logfiles are assembled: for example, 1 event is presented like: --8b014015-A-- [16/Mar/2016:20:13:02…
yoano
  • 1,466
  • 2
  • 16
  • 20
0
votes
1 answer

Issue on Mod security Rules

I have successfully implemented Modsecurity Firewall. But My Team facing one issue related to Firewall rule for Sql Injection & Xss. Issue is. Whenever user add normal information with special character then rules can execute and display page with…
Mihir Mistry
  • 1
  • 2
0
votes
1 answer

Modsecurity rule for blocking a request when a parameter doesn't meet a regex

I am trying to create modsecurity rule which needs to block a request when a parameter doesn't meet a certain regex. Let's take an email regex as example: (^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$) and for the parameter: email location of…
yoano
  • 1,466
  • 2
  • 16
  • 20
0
votes
1 answer

simple form input triggers 403 forbidden page

After Apache upgrade on my shared server, I have been having nightmare issues with the form input on all of my reseller hosting accounts. The clients get 403 (or in case of Wordpress install, 404, which has really confused me) after the simplest,…
Natalia
  • 417
  • 3
  • 7
  • 18
0
votes
1 answer

File download scanning with modsecurity

I want to scan the file downloads with mod-security. Is it possible to do this? I could not find any way of doing it. File upload scanning is feasible but how to do scanning of downloads?
alice
  • 85
  • 2
  • 7
1 2 3
31 32