modSecurity blocks some of my posts

Forum Moderators: phranque

Message Too Old, No Replies

modSecurity blocks some of my posts

No way to publish some php examples with modSecurity

Marino

4:35 pm on Oct 6, 2008 (gmt 0)

Hello all,

My hosting company has just installed modSecurity on its servers. Now, I can't publish php examples any more through my CMS.

Is there a bias to avoid this through .htaccess? Hmmm... Guess no, right?

Heard about a "modsecurity_localrules.conf", which makes it possible to create exceptions:

<LocationMatch "/index.php/admin/upload/.*">
SecRuleRemoveById 960912
SecRuleRemoveById 960913
...
</LocationMatch>

But disabling a rule may be hazardous... Or it has to be .htaccess-protected against any threat (MySQL injection, PHP injection, encoding hack, etc.). More than this, one has to have the list of the rules ids.

Right?

Marino

12:30 pm on Oct 9, 2008 (gmt 0)

I answer to myself.

My web hosting company made it possible for me to publish a "modsecurity_localrules.conf" file. The LocationMatch directive request a regexp. The id of the rule is given within the "error_log" file.

If you have to disable a rule, you also have to re-implement it on your own. For instance, I had to disable a rule that was blocking a form. I had to forbid some character not to create a vulnerability when submitting the form.

jdMorgan

12:54 pm on Oct 9, 2008 (gmt 0)

Glad you found a solution! Thanks for posting it.

Jim

George_hu

12:23 pm on Oct 20, 2008 (gmt 0)

You can also disable mod_security by adding this line below to .htaccess

SetEnvIfNoCase Remote_Addr ^111\.222\.333\.123$ MODSEC_ENABLE=Off

111.222.333.123 just and example of your IP, which being used to post php examples