The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how to block access to files via mod_sec

Discussion in 'General Discussion' started by hostmedic, Jan 6, 2009.

  1. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    We would like to (serverwide) block access to files that are named Change / ChangeLog / etc

    how can we do this serverwide via mod_sec?

    .htaccess is in place doing it on the locations needed - but would be nice to be able to just set a rule up on the entire server via mod_sec
     
  2. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    What version of mod_security? I'm sure you could do it.. just find a simlar rule blocking something like iFrame and use that as an example to work from.

    That said, could you do what you're currently doing in .htaccess files in the main httpd.conf file instead? That should make it server wide.
     
  3. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    .htaccess

    good point - however the mod_sec stuff above the servers would be nice to run

    saves adding to tons of servers
    especially if a client uses our custom typo3 builds - but their own server....

    tried a few things - just have not been able to figure it out yet :-/
     
Loading...

Share This Page