The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_security request - how to block a specific URI

Discussion in 'Security' started by CoNfOuNd, Aug 5, 2011.

  1. CoNfOuNd

    CoNfOuNd Member

    Joined:
    Feb 20, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ireland
    There was a website on one of my servers running a 'topsites' script and it was receiving a huge amount of traffic and crashing Apache. I've removed the script but I'd really like to block the hundreds of bots still visiting the website.

    I realise this isn't exactly what mod_security is intended for but I'd like anyone visiting www.domain.com/topsites/ to be blocked after a few tries. Could someone tell me what I'd need to add to mod_security to achieve this?
     
  2. whwrobert

    whwrobert Active Member

    Joined:
    Aug 21, 2009
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    open the file /etc/httpd/conf/modsec2.conf and add the following line in it:

    SecRule SERVER_NAME "domain.com"

    this will block all the requests to that domain. This will block the domain on the first request it self.
     
  3. CoNfOuNd

    CoNfOuNd Member

    Joined:
    Feb 20, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ireland
    Thanks very much. I just want to block the "topsites" folder on all accounts so I've added the following:

    SecRule REQUEST_URI "/topsites"

    Variables was also very useful.
     
Loading...

Share This Page