ModSecurity за apache
- Thread starter Babaka
- Start date
Put this files : in apache/modules/
mod_security2/mod_security2.so
mod_unique_id.so
mod_security2.so
Add in Xampp/apache/conf/httpd.conf in last order's order's :
LoadModule security2_module modules/mod_security2/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
SecRuleEngine On
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
SecAuditEngine RelevantOnly
SecAuditLogType Serial
SecAuditLog logs/mod_security2.log
## -- General rules --------------------
SecRule ARGS "c:/" t:normalisePathWin
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"
SecRule ARGS "d:/" t:normalisePathWin
## -- phpBB attack --------------------
SecRule ARGS:highlight "(\x27|%27|\x2527|%2527)"
mod_security2/mod_security2.so
mod_unique_id.so
mod_security2.so
Add in Xampp/apache/conf/httpd.conf in last order's order's :
LoadModule security2_module modules/mod_security2/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
SecRuleEngine On
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
SecAuditEngine RelevantOnly
SecAuditLogType Serial
SecAuditLog logs/mod_security2.log
## -- General rules --------------------
SecRule ARGS "c:/" t:normalisePathWin
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"
SecRule ARGS "d:/" t:normalisePathWin
## -- phpBB attack --------------------
SecRule ARGS:highlight "(\x27|%27|\x2527|%2527)"
