how to block these php code using mod_security

K

kevinchong

Registered
Nov 8, 2014
3
0
1
cPanel Access Level
Root Administrator
Hello,

I have problem to create mod_security rules. I want to block people from upload or access these php codes in my server.

- Removed -

Can anyone help me?
 
Last edited by a moderator:
Q

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
ModSecurity cannot block requests based on the content of the file that is being requested unless you use response body filtering.

The main thing is to prevent compromise in the first place with a good rule set and your users keeping their CMS software updated. I know compromises will always happen some percentage of the time especially if you host a lot of sites, but trying to prevent access to the php shells after the fact is kind of a moot point; you need to determine the method of hack (bad/weak/compromised password, old vulnerable plugin, etc), then restore a known good backup, and patch the initial issue (update it, new passwords, etc.).
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
C CSF Blocking - PHP Warning Security 6
G Block access to all occurrences of xmlrpc.php using CSF Security 4
A Block WordPress wp-login.php attempts with CSF? Security 30
S Block php mail Security 3
V Jail Apache Virtual Hosts using mod_ruid2 blocks php forms from sending email Security 3
Similar threads
CSF Blocking - PHP Warning
Block access to all occurrences of xmlrpc.php using CSF
Block WordPress wp-login.php attempts with CSF?
Block php mail
Jail Apache Virtual Hosts using mod_ruid2 blocks php forms from sending email
Top Bottom