Questions tagged [mod-security]

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

As of December 27, 2015 the latest stable release of ModSecurity is version 2.9.0.

476 questions
0
votes
1 answer

Mod Security rules to specific country

How can I make a rule for mod security to only allow specific IP database to access a file name, for example I want to block any IP out of Indonesia IP to access register.php. Below is the rule to only block: SecRule REQUEST_HEADERS:User-Agent…
0
votes
2 answers

(httpd) Getting some problems with Mod_security Installation

I'm using Webuzo on my first unmanaged VPS (CentOS 6.4, OpenVZ). I tried to install Mod_Security following this guide. I installed Modsecurity-apache_2.6.6 but there's a problem in Step 3 that prevents me from installing OWASP Mod_Security Core Rule…
RedGiant
0
votes
0 answers

ModSecurity issue - Sticky SessionID Data changed

I've been wallbashing my head on this problem for a couple of days and I'm totally out of ideas. We are moving our site to a new host. Our site works BOTH in local AND on the old host. No changes made to the code, but the new host bans our IP after…
Alan Piralla
0
votes
1 answer

HTTP authentication: how to debug .htpasswd?

My server outputs the authentication form, but the credentials I give are always wrong. Probably Apache can't read my .htpasswd. Do you know how I could debug this issue?
Alive Developer
0
votes
1 answer

Wordpress gives 403 error page on particular string

Ok, it's amazing. I found that if I write, for example, "app/etc/local.xml" within an article, WordPress gives me a 403 error page during save or preview operations. Now, I tried to decompose the string and I found that the problem is that " /etc/…
user2270248
0
votes
1 answer

mod_security chain works on pre 2.7 without rule ID but not on 2.7 with rule ID (cPanel)

On My cPanel server, when using mod_security 2.7 built into cPanel (installed via EasyApache), this code: SecRule REQUEST_URI "!(/do_command)" chain "id:1234123478" SecRule REQUEST_URI "\.php\?.*=(https?|ftp)\:/.*(cmd|command)=" Generates this…
vectro
0
votes
0 answers

Joomla Custom component with Mod_security

I had built a custom component for Joomla v 1.5.23. However, now when my forms in the backend send any HTML content I get the following error: Forbidden You don't have permission to access /administrator/index.php on this server. Additionally, a 404…
Neil
0
votes
1 answer

phase 3 and 4 are not executed in mod_security

Since Railo/Resin does not allow session cookies to be httpOnly, I've been trying to catch them with mod-security 2.7. Normally this would be done in phase:3. I can't seem to process any rules on phase:3, or 4 for that matter... A simple rule like…
red-X
-1
votes
1 answer

ModSecurity / CRS: Need help writing a custom rule to whitelist false-positives - Rule 951220/951120 (user listing an SQL programming book for sale)

ModSecurity 3.0.8 ModSecurity-Nginx 1.0.3 CRS: 4.0.0-rc1 I have a marketplace where users list various things for sale. One such item is a used Microsoft SQL book. ModSecurity is complaining about this: ---CBSB85oo---A-- [10/Nov/2022:01:04:59 +0000]…
peppy
-1
votes
1 answer

How do I add a ModSecurity rule to block certain http requests?

I want to create a rule that blocks all http requests (get,post,put, literally all of them) and only allow certain ones that I specify. Specifically, Get, Put and Post. I am running ModSecurity V3. If there is a rule that can do something like this,…
-1
votes
1 answer

Iredmail on google compute, modsecurity and phpbb3

I was given a week to get the website moved from Godaddy because they did not want to move it to their new server. So I had to start to learn how to move it to a cloud solution. I did achieve it, after a lot of research and help from…
kcfez
-1
votes
2 answers

Can't send auditlog with modsecurity with custom error pages

I'm using Modsecurity v3.0.3 with the blocking module and I need to get my auditlog. Also, because I need it, I have to use some custom error pages. Unfortunately, I have my logs, but I'm losing my auditlog. I tried some forums' help, but it didn't…
Alex
-1
votes
1 answer

ModSecurity count the number of hosts accessed by an IP

I need to block the IP addresses which access more than 3 domains at the same time using ModSecurity. For example if some IP…
Farhad Sakhaei
-1
votes
1 answer

How to integrate a Web Application firewall (ModSecurity) with Heroku?

I have an application running on the Flask server in Heroku. Is there any way to integrate ModSecurity or any open-source Web Application Firewall (WAF) to protect my application in Heroku? Any other related answer or help regarding this is also…
-1
votes
1 answer

apache mod_security not logging certain POST data

In Apache access log, I'm seeing far too many entries containing: POST /wp-login.php HTTP/1.1" 302 indicating successful logins (because status is 302) - but too many too quickly to be genuine (human) logins. I want to see what's in their POST…
flymike