Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security request - how to block a specific URI

Discussion in 'Security' started by CoNfOuNd, Aug 5, 2011.

  1. CoNfOuNd

    CoNfOuNd Member

    Joined:
    Feb 20, 2004
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Ireland
    There was a website on one of my servers running a 'topsites' script and it was receiving a huge amount of traffic and crashing Apache. I've removed the script but I'd really like to block the hundreds of bots still visiting the website.

    I realise this isn't exactly what mod_security is intended for but I'd like anyone visiting www.domain.com/topsites/ to be blocked after a few tries. Could someone tell me what I'd need to add to mod_security to achieve this?
     
  2. whwrobert

    whwrobert Active Member

    Joined:
    Aug 21, 2009
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    USA
    open the file /etc/httpd/conf/modsec2.conf and add the following line in it:

    SecRule SERVER_NAME "domain.com"

    this will block all the requests to that domain. This will block the domain on the first request it self.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. CoNfOuNd

    CoNfOuNd Member

    Joined:
    Feb 20, 2004
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Ireland
    Thanks very much. I just want to block the "topsites" folder on all accounts so I've added the following:

    SecRule REQUEST_URI "/topsites"

    Variables was also very useful.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice