I have mod sec installed on my cpanel server and I have installed common rules etc, but i want to block a defacement bot which is modifying files through an as yet unidentified flaw in a file somewhere
an identifying part of the script it appends to files contains the text string "a9a007"
so i thought it should be possible to block this in query urls etc using mod security as an interim measure ?
an identifying part of the script it appends to files contains the text string "a9a007"
so i thought it should be possible to block this in query urls etc using mod security as an interim measure ?