Skip to main content

Questions tagged [mod-security]

Ask Question

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server. ModSecurity is a web application layer firewall.

mod-security
499 questions
Newest Active Bountied Unanswered
0 votes
1 answer
37 views

How to allow specific Content types in Mod Security?

I am using: Ubuntu 24.04 Plesk Obsidian 18.0.62 Apache/2.4.59 ModSecurity Fail2ban Free ModSecurity Rules from Comodo I want to add a ModSecurity rule to accept text/x-gwt-rpc content type. Adding ...
Gauthier's user avatar
Gauthier
  • 73
0 votes
2 answers
67 views

ModSecurity + Fail2Ban ban client IP sending post to Servlet

I am using: Ubuntu 24.04 Plesk Obsidian 18.0.62 Apache/2.4.59 Tomcat/10.1.16 tomcat-connectors-1.2.49 libapache2-mod-jk ModSecurity Fail2ban Free ModSecurity Rules from Comodo And I have a servlet ...
Gauthier's user avatar
Gauthier
  • 73
0 votes
1 answer
35 views

Getting ModSecurity: Access denied with code 403 because the content of a POST contains the word "Filestore"

Web server is throwing an error ModSecurity; Access denied with code 403, [Rule:'ARGS' '@pmFromFile bl_db_domains'] [id '77316744"] [msg "IM360 WAF: Block by unknown DB injecion entry || ...
Rampisad Mukerjee's user avatar
Rampisad Mukerjee
  • 1
0 votes
1 answer
62 views

ModSecurity blocks after despite rule exclusions

I try to create a rule allowing any parameter value containing scrip%u0074 (Unicode value of t) to be passed. I create such a rule: SecRule REQUEST_URI "@contains scrip%u0074" \ "id:...
Texicans's user avatar
Texicans
  • 75
0 votes
0 answers
50 views

owasp/modsecurity-crs:nginx libmodsecurity3 version 3.0.12 open() "/var/run/nginx.pid" failed (13: Permission denied)

I have been trying to set up owasp/modsecurity-crs:nginx to provide WAF security to my application The reverse proxy is defined by # Use the OWASP ModSecurity CRS image with Nginx FROM owasp/...
RFH Ormesher's user avatar
RFH Ormesher
  • 1
0 votes
1 answer
40 views

ModSecurity turn off rules by IP for given URI for Apache server behind load balancer

For a given URI when a post request is executed, the given IP will be whitelisted for given ctl rules, where the server is behind a loadbalancer. Here's a rule that allows traffic to the server. The ...
louie anderson's user avatar
louie anderson
  • 43
0 votes
1 answer
49 views

How to unblock a user-agent on time based logic using ModSecurity

Here's the situation: If a particular user-agent sends more than 10 requests to the domain within 5 minutes, the rule must apply a response with a code 429. For that specific agent to that specific ...
Konstantinos K.'s user avatar
Konstantinos K.
  • 1
0 votes
1 answer
57 views

Regex config fail2ban for multiline modsecurity

I'm trying to improve fail2ban configuration for modsecurity in nginx so that regex-expression covers the whole block, is without maxline and finally gives more accurate triggering. Made a regex and ...
sivsoft's user avatar
sivsoft
  • 25
0 votes
1 answer
23 views

ModSecurity Mutex Permission Denied

ModSecurity: collection_retrieve_ex: Failed to lock proc mutex: Permission denied [hostname "filip Please advice how do resolve this issue, all of sites what error on this. almalinux8 ispmanager ...
AnonyCCi's user avatar
AnonyCCi
  • 1
0 votes
0 answers
31 views

Issue with Sending Events to InfluxDB via Riemann

I'm facing two issues while attempting to send events to InfluxDB using Riemann: Warning about Line Protocol: I keep receiving the following warning message: WARNING: The writes: java.util.stream....
Aniruddh Singh's user avatar
Aniruddh Singh
  • 1
0 votes
1 answer
49 views

Update_user_meta() containing an Url triggers Modsecurity Rule

Since a recent update of wordpress or potentially Woocommerce, i cant save anymore custom fields that includes urls on the "edit-account" page of woocommerce, it triggers a ModSecurity Rule, ...
Yoolk's user avatar
Yoolk
  • 3
0 votes
3 answers
174 views

ModSecurity WAF log configuration

I'm using a ModSecurity WAF for my application that is defined within a k8s ingress. The configuration looks like this: nginx.ingress.kubernetes.io/enable-owasp-core-rules: "true" nginx....
j0zeft's user avatar
j0zeft
  • 639
0 votes
1 answer
119 views

How to do rate limit for each website using Mod Security Module in Apache?

I have setup Mod Security (v2.9.5) for Apache 2.4.52 version on Ubuntu 22.04. I want to do 'Rate Limit' for each website using Mod Security Rule, It should ask client to Retry after 'n' time (seconds ...
Rahul Thakkar's user avatar
Rahul Thakkar
  • 61
0 votes
0 answers
48 views

Apache2 Modsecurity configuration file error

I am trying to activate modsecurity by following the official documentation on https://www.linode.com/docs/guides/securing-apache2-with-modsecurity/ Firstly, the file I have is /etc/apache2/sites-...
Ismael Magro's user avatar
Ismael Magro
  • 1
0 votes
1 answer
35 views

Can we use back-references with Modsecurity 2.9 rsub operator?

I would like to know if we can use back-references with Modsecurity 2.9 rsub operator (Apache). For example I have these 2 JSON response bodies: BODY1 "Africa": { "error": "...
Spin Egel's user avatar
Spin Egel
  • 1

15 30 50 per page
1
2 3 4 5
34