Hi Anwar,

I don't know about your current configuration file.

Make sure your SecRuleEngine is On
try to change the rule for:

SecRule ARGS_POST|REQUEST_LINE|
RESPONSE_BODY|REQUEST_BODY|REQUEST_URI "test_vb" ïd:1111,deny"

Thanks

Breno


On Thu, Mar 15, 2012 at 7:33 AM, Anwar Bin Rajih <xanwarx@gmail.com> wrote:
Dear All Members

I encounter some problem after my server modsecurity got upgraded automatically via cpanel i was on 2.3.6

my websites got hacked because my rules that i was created does not working after update

i only want to filter or deny some words for example "test_vb" from begin requested via url and post 

i added this line in moduser2.user.conf

SecRule ARGS_POST|REQUEST_LINE|RESPONSE_BODY|REQUEST_BODY|REQUEST_URI "test_vb"

before upgrading i was not able request test_vb anywhere on the server for expamle in the login forms or in the url address

but now my rules seem to be not working is there any alternative method to do this ?

Thanks All
Best Regards
Anwar Hizam

------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/