Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod security making trouble with a word

Discussion in 'Security' started by bsasninja, Mar 6, 2007.

  1. bsasninja

    bsasninja Well-Known Member

    Sep 2, 2004
    Likes Received:
    Trophy Points:
    I have a rule that restricts "echo" command in mod_security. But this one is blocking also a valid word in spanish called "hecho"

    I have this on my modsec.user.conf

    SecFilterSelective THE_REQUEST "echo"

    but if I write hecho instead of echo in the browser address bar is blocked too, is there a way to whitelist the "hecho" word.

    Examples: -> gives a 406 not acceptable -> gives a 406 not acceptable

  2. mctDarren

    mctDarren Well-Known Member

    Jan 6, 2004
    Likes Received:
    Trophy Points:
    New Jersey
    cPanel Access Level:
    Root Administrator
    ModSec rules are regular expressions. Use that to your advantage. Change to this and it should ignore the rule unless "echo" is that the start of the line:

    SecFilterSelective THE_REQUEST "^echo"

    That will match "echo" but not "hecho". It will also match echoing, echoed, echoanything, etc. "echo" has to be at the start of the line. If you wanted the expression to match the end if the string you would put a "$" after it:

    SecFilterSelective THE_REQUEST "echo$"

    That rule would match hecho, blecho, supercalifragiecho, etc. :)

    Read up on regular expressions. They make life (and rules) a whole lot easier!

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice