hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Help With Mod Security Rules
Reply

Hosting Security and Technology Configuring and optimizing web hosting servers and operating systems, developing administration scripts, building servers, protecting against hackers, and general security (SSL certificates, etc.)
Forum Jump

Help With Mod Security Rules

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 05-17-2004, 03:17 PM
BaddaBing BaddaBing is offline
WHT Addict
  
Join Date: Sep 2003
Posts: 129

Help With Mod Security Rules

I have been setting up mod_security lately trying to make it work and so far so good except these two rules

SecFilter "delete[[pace:]]+from"
SecFilter "insert[[pace:]]+into"

I have a site on my server that runs a php scripting site, they share php code, etc with each other, whenever they try to send any php code through pms now via the forums it gives them an mod_security error message, I then go in the logs and look for what is breaking it and it was SecFilter "insert[[pace:]]+into", is there any way to tweak that rule to allow that site only to run without it. Btw those rules are for mysql injection attacks, also if you guys have any other rules for mysql injection attacks please post them thanks.



Hopefully that made some sense if it didn't please forgive me I'm running on 2 hours of sleep and a 101 * Fever

__________________
http://www.baddabinghosting.com
info@baddabinghosting.com
MSN - Support@baddabinghosting.com
AIM - Badda Bing 0003

Reply With Quote


Sponsored Links
  #2  
Old 05-17-2004, 03:43 PM
pmabraham pmabraham is offline
Web Hosting Master
  
Join Date: Dec 2001
Posts: 5,221
Greetings:

See http://www.modsecurity.org/documenta...-examples.html

Apply the same concept / logic that is used on image upload example at the end of the page.

Thank you.

__________________
---
Peter M. Abraham
LinkedIn Profile


Reply With Quote
Reply

Related posts from TheWhir.com
Title Type Date Posted
8x8 VoIP Service Adds HIPAA, HITECH Compliance Web Hosting News 2013-05-08 12:10:54
US Military Weighing New Cyber-Security Powers Web Hosting News 2012-08-13 12:35:54
New Accounting Rules Could Hurt Cloud Hosting Resellers Web Hosting News 2012-03-29 14:16:43
Cloud Security Firm Gazzang Joins AWS Service Provider Program Web Hosting News 2012-01-05 22:02:32
Web Host Go Daddy Implements Trend Micro Deep Security Solution Web Hosting News 2011-08-17 16:21:53


« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:

cPanel Addresses User Concerns of Transfer and Backup Restore System Security

US Attorney says Government Should Have Warrants to Search Email

8kMiles Acquires Cloud Security Firm FuGen Solutions for $7.5 Million

Name.com Resets Customer Passwords After Security Breach

Outbound Spam Causing Sleepless Nights?

Malwarebytes Launches Data Scan-and-Backup Service

Commtouch Report: Spam, Malware Continues to Increase in Q1 2013

Researchers Urge System Admins to Check for New Apache Web Server Backdoor Malware

APWG Study Finds Phishers Increasingly Target Shared Virtual Servers

Man Arrested in Connection to Spamhaus DDoS Attacks



 

Learn more about advertising opportunities across the iNET Interactive Network.

LiquidWeb
X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?