Rule sets can be downloaded, for example, from

Download with wget and extract ("tar xzf master" for example).

Then cd into the extracted directory (cd SpiderLabs-owasp-modsecurity-crs*).

Make a directory in the Apache conf folder: mkdir /usr/local/apache/conf/modseclists

Copy all rules from the extracted folder (SpiderLabs-owasp-modsecurity-crs*) with: cp -R *_rules /usr/local/apache/conf/modseclists

Then include the rule sets in the ModSecurity config file (in my case /usr/local/apache/conf/ ):

Rest of this post is outdated information.

1) Option 1: check this topic for ASL Rule list

```
# /how-to-prevent-spam-with-apaches-mod-security
# Disables ModSecurity for certain file names
# Note: the pattern is unanchored and REQUEST_URI includes the query string, so the
# exclusion applies to any request whose URI contains one of these names. Matching
# REQUEST_FILENAME with an anchored pattern keeps the exclusion narrower.
SecRule REQUEST_URI "(ajax.php|editpost.php|newthread.php|newpost.php|otherfilename.php)" "id:945998,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off"

SecRule ip:bf_block "@gt 0" "deny,status:401,log,id:5000135,msg:'IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes.'"
SecRule ip:bf_counter "@gt 10" "t:none,setvar:ip.bf_block=1,expirevar:ip.bf_block=300,setvar:ip.bf_counter=0"
```

After applying the rules, go to WHM / Security Center / Mod Security Tools / Hits List and monitor it from time to time to verify that no innocent visitors are blocked.
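To support the Hits List review described above, the following added example (not part of the original post) summarises ModSecurity deny lines from an Apache error log by rule id and client. It assumes the Apache 2.2-style error_log layout written by ModSecurity 2.x; the sample lines, addresses, URIs, rule id 999001 and the one-hit review threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed, abridged sample lines (assumed Apache 2.2 error_log layout as written
# by ModSecurity 2.x). Addresses, URIs and rule id 999001 are made up.
SAMPLE_LOG = """\
[Mon Jan 06 10:15:01 2014] [error] [client 198.51.100.7] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at IP:bf_block. [id "5000135"] [msg "IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "www.example.com"] [uri "/login.php"]
[Mon Jan 06 10:15:02 2014] [error] [client 198.51.100.7] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at IP:bf_block. [id "5000135"] [msg "IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "www.example.com"] [uri "/login.php"]
[Mon Jan 06 10:15:03 2014] [error] [client 198.51.100.7] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at IP:bf_block. [id "5000135"] [msg "IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "www.example.com"] [uri "/login.php"]
[Mon Jan 06 11:02:40 2014] [error] [client 203.0.113.20] ModSecurity: Access denied with code 401 (phase 2). Operator GT matched 0 at IP:bf_block. [id "5000135"] [msg "IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes."] [hostname "www.example.com"] [uri "/login.php"]
[Mon Jan 06 11:30:12 2014] [error] [client 192.0.2.44] ModSecurity: Access denied with code 403 (phase 2). Pattern match "constructed" at ARGS:message. [id "999001"] [msg "Constructed example rule"] [hostname "www.example.com"] [uri "/newreply.php"]
[Mon Jan 06 11:31:00 2014] [error] [client 192.0.2.44] File does not exist: /home/example/public_html/favicon.ico
"""

# [name "value"] pairs that ModSecurity appends to each deny line.
FIELD = re.compile(r'\[(id|msg|uri|hostname) "((?:[^"\\]|\\.)*)"\]')
CLIENT = re.compile(r'\[client ([0-9a-fA-F.:]+)\]')

def parse_hit(line):
    """Return a dict for one ModSecurity deny line, or None for any other line."""
    if "ModSecurity: Access denied" not in line:
        return None
    client = CLIENT.search(line)
    if not client:
        return None
    hit = {"client": client.group(1)}
    hit.update(dict(FIELD.findall(line)))
    return hit if "id" in hit else None

def summarize(log_text):
    """Group denies by (rule id, client): hit count and the URIs involved."""
    summary = defaultdict(lambda: {"count": 0, "uris": set()})
    for line in log_text.splitlines():
        hit = parse_hit(line)
        if hit:
            entry = summary[(hit["id"], hit["client"])]
            entry["count"] += 1
            entry["uris"].add(hit.get("uri", "?"))
    return dict(summary)

def review_candidates(summary, rule_id="5000135", max_hits=1):
    """Clients denied by rule_id at most max_hits times (heuristic, an assumption
    of this example): more likely a person who mistyped than an automated client."""
    return sorted(client for (rid, client), entry in summary.items()
                  if rid == rule_id and entry["count"] <= max_hits)
```

Rule ids other than 5000135 that appear in the summary show which URIs other rules are firing on, which is the starting point for deciding whether an exclusion is needed.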