swampy

Well-Known Member
Jan 30, 2004
148
0
166
Hi if anyone is running joomla or mambo this rule stopps most if not all attacks against mambo and joomla as far as i know joomla and mambo do not use this request in any url so i have added it to my modsec rules and it gets all of the attacks against my server about 300 aday from compromised scripts

SecFilter "mosConfig_"

hope this helps

swampy
 

ramprage

Well-Known Member
Jul 21, 2002
655
0
166
Canada
One of my servers got attacked through OpenSSL I think as it was running 0.9.7a and since cPanel reports it as the latest version I never thought to update it..

Updated to 0.9.8d now and cleared up the mess he made. Seems good now.

What OS are you using? Red Hat applies its own patches so the versions get fudged in between what openssl.org has listed.