Results 1 to 2 of 2
  1. #1

    Mod_Security @inspectFile

    Hello all. I'm new here.
    I'm a SysAdmin assistant at my university but I've grown in the area of mod_security to a point where there is no one above me that can help me within my university.

    I've run into an issue with mod_security's @inspectFile directive.

    What I'd like to do is have two scripts, one "reject-file.sh" script and one "scan-file.sh" script. By default, uploads to our server should be rejected unless specifically exempted, usually with a LocationMatch. However, if a location is exempted, uploaded scripts should be scanned with scan-file.sh. Currently I'm not able to achieve this. Here is what I have so far; can anyone assist me further?

    Code:
    SecRule FILES_TMPNAMES "@inspectFile /etc/httpd/conf/modsec_scan.sh" "phase:2,deny,log,status:403,msg:'Scans Uploads',id:'uni-ITS-scan-uploads'"
    SecRule FILES_TMPNAMES "@inspectFile /etc/httpd/conf/modsec_reject.sh" "phase:2,deny,log,status:403,msg:'Rejects Uploads',id:'uni-ITS-reject-uploads'"
    The idea was to have both rules and exempt users from the auto-reject like so:

    Code:
        <LocationMatch "^/[~]?account/workspace/work/upload-filter/upload.php">
           SecRuleRemoveById uni-ITS-reject-uploads
        </LocationMatch>
    I can't think of anywhere else to ask this sort of question. Can any of you guys help me?

  2. #2
    Hola. Anyone out there?

Similar Threads

  1. When bots attack (a catch 22...) mod_security vs. no mod_security
    By BTCentral - Ron in forum Hosting Security and Technology
    Replies: 12
    Last Post: 04-12-2010, 11:32 AM
  2. Who uses mod_security?
    By coight in forum Hosting Security and Technology
    Replies: 148
    Last Post: 01-26-2006, 05:40 AM
  3. mod_security
    By host1net in forum Hosting Security and Technology
    Replies: 2
    Last Post: 09-04-2005, 11:19 AM
  4. mod_security
    By goolex in forum Hosting Security and Technology
    Replies: 0
    Last Post: 12-22-2004, 08:14 AM
  5. mod_security
    By neutro in forum Hosting Security and Technology
    Replies: 2
    Last Post: 12-21-2004, 06:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •