1

Apache2 mod_security simple default deny rules for specific directory

view story
linux-howto

http://serverfault.com – How to configure the simplest useful default-deny rule set for mod_security? I want to configure mod_security to allow only very specific queries to single directory: In short: I use Apache as a reverse proxy for directory /web_app/, in this directory will be a single php file named get.php. I want to pass to this script only queries that match the following regular expression: get\.php\?ver=1&id=[a-f\d]{16,16}&v=[-.a-z\d\ ]{1,20} In other words, queries with three fields only: id, ver and v. Where first is a digit 1, the second a 16 digit hexadecimal and the third is a string at most 2 (HowTos)

taskli's picture
Submitted by taskli on 08/21/2011

Stories similar to Apache2 mod_security simple default deny rules for specific directory

mod_security won't upgrade 31 weeks 3 days ago

I have re-compiled with easyapache twice now and for some reason mod_security is still at 1.9.5.

Hi

On my server i have mod_security with the default config file installed and csf firewall

I am getting around 6-10 good UK Ips being blocked by csf through mod_security

Can anyone tell me why they are being blocked and what i can do to edit the config to fix this ?

Here is the csf block

IP ADDY HERE # lfd: (mod_security) mod_security triggered by IP ADDY HERE (GB/United Kingdom/-)

Ahoi,

Currently I'm looking into implementing mod_security on all our apache servers. The installation on CentOS 5.5 comes directly with the "Core Rule Set" by the mod_security devs (curiously Debian and Ubuntu do not carry these)

They also offer the Enhanced Rule Set for mod_security in a commercial package

I have an apache2 server with several sites enabled on it, including the default one (000default).

I've got a question about apache2 and Virtualhosts.

I declared some in my /apache2/sites-available/ownsites in order to get access via different domains and subdomains, for example:

<VirtualHost *:80> ServerName www.domain1.de ServerAlias domain1.de DocumentRoot /var/www/domain1/ ServerAdmin myemailaddress.de <Directory /> Order deny,allow

I'm trying to deny access to a specific URL on our site running on Nginx but allow it from specific IP's, I've been trying to fiddle around using Location but it seems that's just trying to find a proper directory and not the URL.

This is what I came up with, but just gives back a 404.

location /specificurl { root /var/www/site1.com/current; allow 123.123.123.123; deny all;

On Apache2, I have a VirtualHost with a number of <Directory> directives/sections containing multiple access control statements

i.e.

<Directory /foo> Order Deny,Allow Deny from all Allow from ... Allow from ... ... </Directory> ...

Is there a way to specify the access control at a higher level (above <Directory>)?

I am running Linux mint and I'm trying to setup up a virtual host with apache.

I have added the following file in /etc/apache2/sites-available/ ( it's copied from the 'default' file in that directory)

<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName testsite.dev DocumentRoot /home/chris/Projects/web/testsite

<Directory /home/chris/Projects/w

Hi, I am running squid, iptable and apache on a single machine (Ubuntu 10.04) with 1 NIC (192.x.x.1).