02-10-2009, 05:19 AM
|
|
Member
|
|
Join Date: Jan 2009
Posts: 28
|
|
mod_security Request Filters
Hey everyone - I'm working to secure my webserver with mod_security but have found very little info in the wiki, or the forums. Anyone interested in sharing their rules with everyone else?
I've been looking at the www.gotroot.com website (they have a great library of mod_security rules) but when I attempt to enable things things tend to break.
For example the following rule to block some spam words:
Code:
Action: log,deny,auditlog,phase:2,status:403,t:lowercase,t:replaceNulls,t:compressWhitespace,msg:'No Spam Please'
Rules Definition: SecFilterSelective "POST_PAYLOAD" "(viagra|porn|poker|texasholdem|cialis|bllogspot|casino|gambling-|health-insurancedeals|homeequityloans|hotel-dealse-site|insurance-quotesdeals-4u|mortgage-4-u|mortgagequotes|online-gambling|shemale)"
The rule works for blocking the rules, but people who have subscribed to receive feedburner emails on new posts get an email with all the spaces removed. The action is set to trim whitespace, but I would think that's just for the inspection of the payload.
|
Threaded Mode