Make a directory in the Apache conf folder:

mkdir /usr/local/apache/conf/modseclists

Then cd into the extracted directory (cd SpiderLabs-owasp-modsecurity-crs*). Download by wget and extract ("tar xzf master" for example). Rule sets can be downloaded, for example, from

Rest of this post is outdated information.

Option 1: check this topic for ASL Rule list

# Brute-force throttle. Both ip: rules need the ip collection initialised with initcol (not shown here).
# This rule has no id: it only loads as the continuation of a chain whose starter is not shown here.
SecRule ip:bf_counter "@gt 10" "t:none,setvar:ip.bf_block=1,expirevar:ip.bf_block=300,setvar:ip.bf_counter=0"

SecRule ip:bf_block "@gt 0" "deny,status:401,log,id:5000135,msg:'IP address blocked for 5 minutes, more than 10 login attempts in 3 minutes.'"

# Disables ModSecurity for certain file names
SecRule REQUEST_URI "(ajax\.php|editpost\.php|newthread\.php|newpost\.php|otherfilename\.php)" "id:945998,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off"

After applying the rules, go to WHM / Security Center / Mod Security Tools / Hits List and monitor it from time to time to verify that no innocent visitors are blocked.