mod_security vti_bin

codegirl42 · Dec 28, 2006

anyone got a rule against this?

/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=6254&STRMVER=4&CAPREQ=0 HTTP/1.1

Access allowed. Pattern match "_vti_bin" at REQUEST_URI

Spiral · Dec 29, 2006

I don't understand the question ....

You could just write a rule if you want to block something specific like that.

codegirl42 · Dec 30, 2006

I was hoping someone already had a rule that they could share.
Im actually interested in something else now too....

why would another sitename/host appear in our modsecurity list....

these are the ones i've seen:

www.netevin.com
www.saasveld.info
www.deverevenues.co.uk

Thread starter	Similar threads	Forum	Replies	Date
K	Mod_security and scan of port 443	Security	12	Jan 31, 2023
J	deciphering mod_security logs	Security	9	Dec 15, 2022
S	In Progress EA-10889 - mod_security disabled by default? Why?	Security	9	Aug 16, 2022
C	Mod_Security rules for Joomla login failures	Security	2	Apr 4, 2022
7	Mod_Security Block Time and CSF	Security	4	Sep 23, 2021

Search

Search

mod_security vti_bin

codegirl42

Well-Known Member

Spiral

BANNED

codegirl42

Well-Known Member