LiteSpeed Technologies
Download Download     Blog Blog     Wiki Wiki     Forum Forum     Store     Contact Contact    

Go Back   LiteSpeed Support Forums > External Applications > Apache Migration/Compatibility > Request Filter and Mod_security

Reply
 
Thread Tools Display Modes
  #1  
Old 06-14-2010, 04:58 AM
felosi felosi is offline
Senior Member
  
Join Date: Jun 2007
Posts: 249
Default Request Filter and Mod_security
I know I discussed this before in here but cannot find the post. I have mod security rules included from httpd.conf, I have one user's site in which I had to disable mod security on. I need to add the new rule concerning the null byte exploit to it and also some generic rules to protect against this but not activate all mod security rules for the particular domain. What would be the best way to handle this? It is a cpanel server.

I have been told by some reliable sources that even with new update encoded urls can get through. Do not know if that is true or not but I wanted to make some extra protections for it.

Also can the request filter AND mod security be active at the same time? Will secfilter rules in htaccess effect the request filter? such as secfiltengine off.

Please advise.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 02:10 AM.



- Archive - Top
© Copyright 2003-2011 LiteSpeed Technologies, Inc. All rights reserved. Privacy Policy.