Questions tagged [mod-security]

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

As of December 27, 2015 the latest stable release of ModSecurity is version 2.9.0.

Useful links:

476 questions

-1

votes

1 answer

modsecurity does not work if no required SSL certificate was sent

I have a lot of rules in modsecurity but none works if the host is numeric in SSL https://SERVER_IP, i get this response: 400 Bad Request No required SSL certificate was sent My SSL is only valid to my domain name, but should not modsecurity work…

asked Jun 10 '19 at 23:50

jim

-1

votes

1 answer

modsecurity ssl certification project

Mod-security_SSL_Certification Hello evryone I'm setting up a new web server for attacks testing (dvwa) in my Centos machine and i want to set up an application security layer using Mod_Security module on Apache and its working great, now i want to…

https ssl-certificate webserver mod-security

asked May 20 '19 at 11:29

ABSIKE MUSTAPHA

-1

votes

1 answer

Modsecurity - REQUEST_URI allow rule is not working

We have following rules that are not working and we wanted to white list this warning ( in event viewer ), which contains "testinguri" in URI. SecRule REQUEST_URI "@contains testinguri\?op\=message"…

mod-security web-application-firewall

asked Nov 12 '18 at 13:05

Question and Answer

-1

votes

1 answer

Creating rule on reverse proxy mod_security

I built up the reverse proxy using mod_security on my system I got problem when wrote rule on specify website For example i have 2 websites a.com and b.com, both of them has parameter username if i want to deny value abc on that parameter, my rule…

reverse-proxy mod-security mod-security2

asked May 08 '16 at 18:49

Tsu

-1

votes

1 answer

Keep ModSecurity Enabled With Symfony installation W/Cpanel & WHM

This question is an extension of another here (Symfony framework install 406 Not Acceptable Error w/CPanel & WHM), please read my answer there to see how I solved the issue. I was able to solve the issue I had with the 406 errors but at a cost.., I…

php symfony installation cpanel mod-security

asked Dec 27 '15 at 06:01

Joseph Astrahan

8,659
12
83
154

-1

votes

1 answer

modsecurity issue wordpress site loading issue

This is my first question so please bear with me. I'm having a mode security issue on one of our sites from last few days, I just complete site and after few hours I got mode sec issue and our site is blocked. I reinstalled site next day again but…

wordpress .htaccess caching mod-security

asked Aug 04 '15 at 07:05

Rahul

4,294
1
10
12

-1

votes

1 answer

Installing Mod_Security on CentOS

I recently switched to a VPS rather than shared hosting. One of the helpful things of shared hosting was having mod_security. I noticed whenever I was trying to prevent SQL injections it's always a nice thing to add on. Anyways, I went to this site…

centos mod-security

asked Apr 10 '15 at 06:36

Josh Potter

1,629
2
13
11

-1

votes

1 answer

What is preventing users from submitting a specific word in a text field?

Custom PHP program that tracks medical data. Via a modal form, users enter/submit comments. On one (and only one) installation of the program, users are able to submit all medications EXCEPT the word "Doxycycline". They can enter any variation of…

php forms debugging input mod-security

asked Feb 03 '15 at 13:44

user3103374

-1

votes

1 answer

mod-security allowing only one set-cookie

Has anyone run into the problem of mod-security only allowing one set-cookie through a proxy request response? We are using nginx with mod-security and seeing all but the last set-cookie be removed by nginx on the response from our application…

nginx mod-security mod-security2

asked Sep 27 '13 at 20:33

Doug

-2

votes

1 answer

how to make a valid element for ?

I tried to install ModSecurity for IIS 10 and use it for my asp.net websites, the problem is when I want to add the element at the level of the .... element it displays an error with this message: The…

asp.net iis-10 mod-security

asked Apr 11 '19 at 10:38

Essabar Ismail

-2

votes

1 answer

Updating script (curl script) to include user-agent string

Having an issue on our site. You can see more detailed info at http://www.themastfarminn.com/php-prob/ I sent in a support ticket to our hosting provider and here is what they replied: ||||||||||||||||||||||||||| We recently updated our Mod Security…

php curl http-headers user-agent mod-security

asked Jul 06 '15 at 20:12

Henri Deschamps

Prev 1 2 3

…