LiteSpeed Support Forums

LiteSpeed Support Forums (http://www.litespeedtech.com/support/forum/index.php)

- General (http://www.litespeedtech.com/support/forum/forumdisplay.php?f=25)

- - modsec issues (http://www.litespeedtech.com/support/forum/showthread.php?t=6303)

optize

10-08-2012 11:21 AM

modsec issues

Can someone help me figure out why this modsec rule don't work in Litespeed, but work in Apache?

SecRule REQUEST_FILENAME ".{1,}paypal\.com{1,}" "phase:1,t:none,log,deny"

It's a simple request, to block the request if there is paypal.com anywhere in the URL string.

example: domain.com/hi/paypal.com/file.html or domain.com/hellopaypal.com/

Is there another way I should be doing this via Litespeed?

mistwang

10-08-2012 08:09 PM

you can try a rewrite rule.
LiteSpeed modsec engine only block URL that does not result in 404 or static file.

optize

10-08-2012 08:13 PM

Quote:

Originally Posted by mistwang (Post 35340)

you can try a rewrite rule.
LiteSpeed modsec engine only block URL that does not result in 404 or static file.

Is there a way to turn that off? We're trying to block phishing attempts, which are all static files.

mistwang

10-08-2012 08:17 PM

We can add an option in next release.

optize

02-23-2013 05:21 PM

Quote:

Originally Posted by mistwang (Post 35342)

We can add an option in next release.

Was this added?

All times are GMT -7. The time now is 01:36 AM.