The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ajax + modsecurity

Discussion in 'Security' started by linuxprovider, May 29, 2007.

  1. linuxprovider

    linuxprovider Active Member

    Joined:
    Mar 4, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    egypt
    Dear all
    I am running apache 1.3 + modsecurity 1
    my problem is
    i can not use ajax coz of modsecurity is there any way
    to make ajax work with modsecurity on apache 1
    coz i know it's work on apache 2

    plz help
     
  2. ChadE

    ChadE Active Member

    Joined:
    Mar 14, 2005
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Mod_Security itself does not automatically block against attacks or exploits - it depends on the ruleset you're using. Are you using the mod_security packaged with cPanel or a custom installation?

    Typically, you can go to /etc/httpd/logs, trigger mod_security in your browser, then open the audit_log which should contain the violation and which rule was triggered. The default configuration on my system is audit_log for logging, modsec.conf for mod_security's master settings and modsec.user.conf for the rules.

    I used that method to identify which 6 rules were causing vBulletin and phpBB post content to trigger a violation in mod_security.
     
Loading...

Share This Page