RE: [mod-security-users] Need some help with mod security and PostNuke .761
From: Christopher P. <chr...@ve...> - 2005-11-18 16:40:33
Ivan,

Thanks for the tips. Do you have any starting points on how I can be
more specific with my filters? I've been reading through various HOWTOs
& articles on mod_security but don't fully grasp it quite yet. If I can
get one or more examples on the direction I should head (or a really
good article I should look at) I would appreciate it.

Thanks,

Christopher Patricca
Server Administrator

-----Original Message-----
From: mod...@li... [mailto:mod...@li...] On Behalf Of Ivan Ristic
Sent: Friday, November 18, 2005 3:00 AM
To: Christopher Patricca
Cc: mod...@li...
Subject: Re: [mod-security-users] Need some help with mod security and PostNuke .761

Christopher Patricca wrote:
> Hello folks,
>
> Well I've been doing some tightening of security on my webserver but it
> seems that I've made things too tight. The problem is that I can't
> figure out how to best let PostNuke do what it needs to do. Right now
> several of my filters stop the execution of a large number of commands
> that I need to have available in postnuke. I'll start off by posting my
> current modsecurity.conf file:

It's generally difficult to protect content management systems
using generic negative signatures only.

> SecAuditEngine On

You do know this logs every request? Just checking :)

> SecFilterCheckUnicodeEncoding On

This should be enabled only if UTF-8 is used in the web site.

> SecFilter /bin/sh
> SecFilter hidden
> SecFilter "\.\./"
> SecFilterSelective ARGS "bin/"

These are just too broad. It's what's causing your problems.

--
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org
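Added example, not part of either message and not ModSecurity's own code: a small Python harness that replays known-good CMS requests against the four filters quoted above and against a narrower, per-parameter variant, counting the false positives of each. The request samples are constructed, the parameter name "file" is hypothetical, and the matcher is a simplified model (regex search over URL-decoded text).

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# The four filters quoted in the message, as (scope, regex).
# "REQUEST" models SecFilter (request line + POST body); "ARGS" models
# SecFilterSelective ARGS. Simplified model, not ModSecurity's matcher.
BROAD = [("REQUEST", r"/bin/sh"), ("REQUEST", r"hidden"),
         ("REQUEST", r"\.\./"), ("ARGS", r"bin/")]

# Hypothetical narrower variant: two of the patterns, scoped to the one
# parameter (assumed name "file") that the application uses as a path.
NARROW = [("ARG_file", r"/bin/sh"), ("ARG_file", r"\.\./")]

# Constructed known-good requests: (request line, POST body).
BENIGN = [
    ("POST /index.php?module=News&func=create HTTP/1.1",
     "title=Shell+tips&body=Start+scripts+with+%23%21%2Fbin%2Fsh"),
    ("POST /index.php?module=Blocks&func=update HTTP/1.1",
     "content=%3Cinput+type%3D%22hidden%22+name%3D%22id%22%3E"),
    ("POST /index.php?module=News&func=create HTTP/1.1",
     "body=%3Cimg+src%3D%22..%2Fimages%2Flogo.gif%22%3E"),
    ("GET /index.php?module=Search&q=recycle+bin/+folder HTTP/1.1", ""),
    ("GET /index.php?module=Files&file=manual.pdf HTTP/1.1", ""),
]

def targets(scope, line, body):
    """Return the decoded strings a filter with this scope inspects."""
    query = line.split(" ")[1].partition("?")[2]
    args = parse_qsl(query, keep_blank_values=True)
    args += parse_qsl(body, keep_blank_values=True)
    if scope == "REQUEST":
        return [unquote_plus(line), unquote_plus(body)]
    if scope == "ARGS":
        return [value for _, value in args]
    return [value for key, value in args if "ARG_" + key == scope]

def blocked(rules, line, body=""):
    """Patterns from `rules` that would reject this request."""
    return [pat for scope, pat in rules
            if any(re.search(pat, t) for t in targets(scope, line, body))]

def false_positives(rules):
    """Number of known-good requests rejected by at least one rule."""
    return sum(1 for line, body in BENIGN if blocked(rules, line, body))

if __name__ == "__main__":
    for line, body in BENIGN:
        print(blocked(BROAD, line, body), "<-", line)
    print("broad:", false_positives(BROAD), "narrow:", false_positives(NARROW))
```

Replaying a sample of real known-good traffic through a harness like this before enabling a filter shows which patterns need to be scoped to specific parameters.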