block directory requests with mod_security
Hey everyone, need someone who knows mod_security to give me a quick hand setting up a rule.
What I want to do is block all access to a specific directory server-wide with mod_security.
So say someone were to query www.mydomain.com/notreallyhere/... I want mod_security to intercept that request and 503 the user.
Anyone know how to get a rule to do that?
If you are using rules from GotRoot or ASL, modify the file called MALWARE-SCRITP.TXT and add in there the domain+directory that you want to block, easy as that.Originally Posted by NightStorm
After you restart apache no one will enter into that directory anymore.
Regards,
Sergio
Not quite what I'm after...
I want to catch all requests coming in to a specific directory across all sites on my server... irregardless of where the request is originating from.
Also, I'm not using ASL rules... I have a different set of rules loaded... can't remember where I got them from... I think someone posted them here at some point, actually. Either way, it's somewhat unrelated to what I'm looking for.
Well, in your first post you wrote:
If you do as I said, everybody will be blocked trying to enter into that directory on that specific domain. But if you don't have GotRoot modsec rules, then what I wrote will not help you, sorry.
On the other hand, you can write at AtomiCorp Forum (creators of GotRoot rules) asking for help on creating the rule that you need.
Regards,
Sergio
LinkBack URL
About LinkBacks
Reply With Quote