The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Latest Mod Sec Rules

Discussion in 'Security' started by polkocholo, Jun 27, 2012.

  1. polkocholo

    polkocholo Active Member

    Joined:
    Nov 22, 2010
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    Who can i do find latest mod sec ?
    i hosted + 500 Sites, etc: joomla, wp, nuke and ...

    Already i configured this rules:
    SecPcreMatchLimit 150000
    SecPcreMatchLimitRecursion 150000
    SecComponentSignature 201002131758
    SecCacheTransformations Off
    SecRequestBodyAccess On
    SecResponseBodyAccess On
    SecResponseBodyMimeType (null) text/html text/plain text/xml
    SecResponseBodyLimit 2621440
    SecServerSignature Apache
    SecUploadDir /var/asl/data/suspicious
    SecUploadKeepFiles Off
    SecAuditLogParts ABIFHZ
    SecArgumentSeparator "&"
    SecCookieFormat 0
    SecRequestBodyInMemoryLimit 131072
    SecDataDir /var/asl/data/msa
    SecTmpDir /tmp
    SecAuditLogStorageDir /var/asl/data/audit
    SecResponseBodyLimitAction ProcessPartial


    SecRule ARGS "\.(dat|gif|jpg|png|bmp|txt|vir|dot)\?\&(cmd|inc|name)="

    SecRule REQUEST_FILENAME "/(r57shell|TrYaG|TrYg|m0rtix|r0nin|c99shell|phpshell|sa3ekashell|crackit|c777|void\.ru|phpremoteview|directmail|bash_history|\.ru/|brute|c991)\.php"
    SecRule REQUEST_FILENAME "\.pl"
    SecRule REQUEST_FILENAME "perl .*\.pl(\s|\t)*\;"
    SecRule REQUEST_FILENAME "\;(\s|\t)*perl .*\.pl"
    SecRule RESPONSE_BODY "TrYaG"
    SecRule RESPONSE_BODY "shell"
    SecRule RESPONSE_BODY "Sniper"
    SecRule RESPONSE_BODY "SnIpEr_SA"
    SecRule RESPONSE_BODY "c99"


    SecRule RESPONSE_BODY "r57shell - http-shell by RST/GHC"
    SecRule RESPONSE_BODY "/* (c)oded by 1dt.w0lf"
    SecRule RESPONSE_BODY "/* RST/GHC http"
    SecRule RESPONSE_BODY "x2300 Locus7Shell"
    SecRule RESPONSE_BODY "UNITED ALBANIANS aka ALBOSS PARADISE"
    SecRule RESPONSE_BODY "C99 Modified"
    SecRule RESPONSE_BODY "c999shell v."
    SecRule RESPONSE_BODY "RootShell Security Group"
    SecRule RESPONSE_BODY "Modded by Shadow & Preddy"
    SecRule RESPONSE_BODY "Owned by hacker
    SecRule RESPONSE_BODY "bds
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. polkocholo

    polkocholo Active Member

    Joined:
    Nov 22, 2010
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might do best to ask over there at atomicorp.com any questions you may have. Or, have a good look around the forums for posts already posted by Staff from atomicorp.com such as this recent post going to great lengths to explain the product on these forums, again. The topic comes up all the time and there are plenty of answered questions here and on the atomicorp.com website that you'll find very useful.

    Re: Atomic Secured Linux and cPanel. Does it work? - cPanel Forums
     
Loading...

Share This Page