Thank you Sergio but I have no admin access to the server, I only can edit the htaccess file and the mod security version is below 2.5 which doesn't support @pmFromFile

And I don't want a bloated up htaccess file. I only add rules manually after a bad spider has hit an invalid page on my website.

So can't anyone just tell me what's wrong with my single line?

Thank you very much!




On 29/01/2010 2:16 p.m., Sergio wrote:
you can use GotRoot modsec rules, they have a very nice rule for doing what you want, and the best of all is that the rule is made with a @pmFromFile that you can use what they gave you or you can set your own malware-blacklist file.


On Thu, Jan 28, 2010 at 4:52 PM, Michael Heuberger <> wrote:

I tried following rule:
SecFilterSelective REQUEST_URI "\=(http|ftp|https)\:/" "msg:'Inclusion attacks
not allowed'"

But somehow it doesn't work. I want to filter out URLs like

Any inclusion attach beginning with "=http:" or "=ftp:" or "=https:" should be
filtered out with the above rule.

Maybe I did something wrong?

Thank you for your help

Michael H.

The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
mod-security-users mailing list
Commercial ModSecurity Appliances, Rule Sets and Support:


Binary Kitchen
Michael Heuberger
10N Sylvan Avenue East
Mt Eden
Auckland 1024
(New Zealand)

Mobile (text only) ...  +64 21 261 89 81
Email ................
Website ..............