Results 1 to 2 of 2
Thread: Mod_Security @inspectFile
-
05-19-2011, 12:34 PM #1New Member
- Join Date
- May 2011
- Posts
- 2
Mod_Security @inspectFile
Hello all. I'm new here.
I'm a SysAdmin assistant at my university but I've grown in the area of mod_security to a point where there is no one above me that can help me within my university.
I've run into an issue with mod_security's @inspectFile directive.
What I'd like to do is have two scripts, one "reject-file.sh" script and one "scan-file.sh" script. By default, uploads to our server should be rejected unless specifically exempted, usually with a LocationMatch. However, if a location is exempted, uploaded scripts should be scanned with scan-file.sh. Currently I'm not able to achieve this. Here is what I have so far; can anyone assist me further?
Code:SecRule FILES_TMPNAMES "@inspectFile /etc/httpd/conf/modsec_scan.sh" "phase:2,deny,log,status:403,msg:'Scans Uploads',id:'uni-ITS-scan-uploads'" SecRule FILES_TMPNAMES "@inspectFile /etc/httpd/conf/modsec_reject.sh" "phase:2,deny,log,status:403,msg:'Rejects Uploads',id:'uni-ITS-reject-uploads'"
Code:<LocationMatch "^/[~]?account/workspace/work/upload-filter/upload.php"> SecRuleRemoveById uni-ITS-reject-uploads </LocationMatch>
-
05-20-2011, 11:25 AM #2New Member
- Join Date
- May 2011
- Posts
- 2
Hola. Anyone out there?
Similar Threads
-
When bots attack (a catch 22...) mod_security vs. no mod_security
By BTCentral - Ron in forum Hosting Security and TechnologyReplies: 12Last Post: 04-12-2010, 11:32 AM -
Who uses mod_security?
By coight in forum Hosting Security and TechnologyReplies: 148Last Post: 01-26-2006, 05:40 AM -
mod_security
By host1net in forum Hosting Security and TechnologyReplies: 2Last Post: 09-04-2005, 11:19 AM -
mod_security
By goolex in forum Hosting Security and TechnologyReplies: 0Last Post: 12-22-2004, 08:14 AM -
mod_security
By neutro in forum Hosting Security and TechnologyReplies: 2Last Post: 12-21-2004, 06:10 AM