Stack Overflow
Stack Overflow

Questions tagged [mod-security]

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

As of December 27, 2015 the latest stable release of ModSecurity is version 2.9.0.

Useful links:

476 questions
0
votes
1 answer

What can I do when an external client try to run a PHP script on my server?

I have a LAMP configured server and multiple times from the Apache error log file I can see warning messages like this one: [Thu Jul 02 08:54:04.263981 2015] [:error] [pid 12059] [client 5.45.79.44:49144] script '/var/www/html/wp-update.php' not…
NineCattoRules
  • 2,253
  • 6
  • 39
  • 84
0
votes
1 answer

Modsecurity "outbound-anomaly-score"

I am getting 403 forbidden error when opening a page (just displays a table) in the modsecurity log file i got this info ... --3445d837-A-- [29/Jun/2015:15:44:26 +0530] VZEagn8AAQEAACkX5YcAAAAE 49.204.187.140 56574 46.101.60.149…
Naga Inquisitive
  • 45
  • 1
  • 8
0
votes
2 answers

Disable mod_security for QUERY_STRING (table_name) in specific file

I host a site on a shared host which has mod_security turned on. The problem is, one of a third-party script gives 403 (access denied) when a query string contains: 'table_name'. For example, this will trigger access…
NonCoder
  • 235
  • 4
  • 10
0
votes
1 answer

How to Allow http in query string without using mod_security?

I am using contact form 7 to send an URL from one form to other using on_sent_ok. Trying to send http://myurl.com in the query string redirects me to the 403 forbidden page. On some research, I found it a mod_secrity causing the issue. Can it be…
Sachin Stellen
  • 3
  • 4
0
votes
0 answers

apache plesk modsecurity firewall to stop HTTP Continuation or non-HTTP traffic attack

I am having problems with what seems to be someone attacking my server. I have plesk 12 and Fail2Ban and ModSecurity Installed but it doesn't seem to be helping with the following. Someone from an ip address keeps causing the following traffic when…
Ryan A
  • 103
  • 1
  • 7
0
votes
1 answer

Write a custom modsec rule to deny upload/execution of specifc code in php script

is there any option available in modsecurity to write custom rule to block php script which contains hack script having common pattern. I am facing an issue of compromised cms softwares in my server are frequently uploading php scripts with same…
John
  • 289
  • 1
  • 3
  • 7
0
votes
1 answer

BlueImp jQuery File Upload and ModSecurity Errors

I'm getting intermittent errors from batch uploads using BlueImp. I have used this same code/config on other LAMP machines without issue. Over the course of an hour my working batch upload using BlueImp went from accepting any file I threw at it to…
jerrygarciuh
  • 21,158
  • 26
  • 82
  • 139
0
votes
1 answer

Mod Security 403 persistnace require cookie deletion

I have been searching for quite some time and finally decided to posts this question on how Mod Security locks out a user from a domain. I have a large site with a lot of legacy URL's with '$' and "%" in them, this was removed but there are legacy…
Chris Trenka
  • 1
  • 2
0
votes
1 answer

modsecurity "Inbound Anomaly Score"

I got a lot of this error on my logs in a site hosting by OVH shared PRO => ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_60_correlation.conf"] [line…
Benjamin
  • 1
  • 1
  • 1
  • 1
0
votes
1 answer

Is it possible to install Apache mod_security Amazon Elastic Beanstalk

I have 4 ec2 instances (running Amazon Linux AMI) and i'am using elastic beanstalk to deploy my Java app to Tomcat. I would like to know if it was possible to install the apache mod_security using the .ebextensions ? ps: I know how to install…
Johny19
  • 5,364
  • 14
  • 61
  • 99
0
votes
1 answer

Does the new Mod Security in cPanel have it's own rules?

The new cPanel/WHM has Mod Security built in, I am not talking about Config Server or other third party solutions. Does enabling this do anything or do I need to use rules like OWASP and ATOMIC provide? I know this sounds like a simple question that…
Neo
  • 11,078
  • 2
  • 68
  • 79
0
votes
1 answer

mod-security: warning, not blocking

I've installed mod-security and can see from the logs that it is warning me in the case of an SQLi attempt. The attempt succeeds however, when I expect it to be prevented. Clearly I'm missing some very obvious setting, but I can't find it! Any help…
confusified
  • 2,320
  • 7
  • 22
  • 29
0
votes
2 answers

Apache2 sql injection rule not starting

The config for modsecurity is set up correctly.
Orlando Onofrei
  • 17
  • 5
0
votes
1 answer

Google tag manager apache mod-security

I get this error when I try to debug or make google tag manager public Access denied with code 406 (phase 2). Pattern match "\\b(\\d+) ?= ?\\1\\b|[\\'\"](\\w+)[\\'\"] ?= ?[\\'\"]\\2\\b" at REQUEST_HEADERS:Cookie. [file…
Ciprian Mihalache
  • 11
  • 2
0
votes
1 answer

jquery.cookie.js mod_security error 406 and the question mark

ON a WordPress site, a plugin that I am using makes use of, jquery.cookie.js. My hosting provider makes use of mod_security prevented jquery.cookie.js from being server and resulted in error 406. As I looked at the failure in the Chrome development…
Richard
  • 261
  • 1
  • 3
  • 9
1 2 3
31 32