how to block these php code using mod_security

kevinchong

Registered
Nov 8, 2014
3
0
1
cPanel Access Level
Root Administrator
Hello,

I have problem to create mod_security rules. I want to block people from upload or access these php codes in my server.

- Removed -

Can anyone help me?
 
Last edited by a moderator:

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
ModSecurity cannot block requests based on the content of the file that is being requested unless you use response body filtering.

The main thing is to prevent compromise in the first place with a good rule set and your users keeping their CMS software updated. I know compromises will always happen some percentage of the time especially if you host a lot of sites, but trying to prevent access to the php shells after the fact is kind of a moot point; you need to determine the method of hack (bad/weak/compromised password, old vulnerable plugin, etc), then restore a known good backup, and patch the initial issue (update it, new passwords, etc.).