Re: [mod-security-users] BLOCK JAVA SCRIPT of FORM OBJECTS with mod security
From: Christian B. <ch...@jw...> - 2009-05-27 19:44:26
Hi Brian,

that's pretty similar to what I suggested (I just forgot to Cc the list) :-)

Since this is not obvious, the solution might be interesting to others as well:

The reason for his solution not working was the missing "SecRuleRequestBodyAccess", since by default ModSecurity does not process the request-body.

# enable the rule-engine
SecRuleEngine On
# enable request-body parsing
SecRequestBodyAccess On
# limit the request-body processing to X bytes
SecRequestBodyLimit X

It is probably also worth noting that these directives are also needed when simply auditing a web-application with ModSecurity, since the request-body will not be audit-logged if the rule-engine is disabled.

Regards,
Chris

On 27.05.2009 at 21:20, Brian Rectanus wrote:

> SONNY LASKAR wrote:
>> Hi,
>> I have configured MODSECURITY 2.5.9 with apache 2.2.11 and it is
>> working fine.
>> But I wanted to block if any form object is submitting any javascript
>> with the POST method.
>> I have tried with the ARGS and ARGS_NAMES but no luck.
>> I have uploaded the screenshot in a pdf at
>> http://quantex.1stfreehosting.com/MOD.pdf
>> Please have a look and let me know what should I do.
>> Thanks
>>
>> Regards
>> Sonny
>> INDIA
>
> You have debugging disabled (SecDebugLogLevel 0). Try enabling it to
> level 9 and see the output in /usr/local/apache/logs/modsec_debug.log
> which should show you which rules are executing, the data that is being
> looked at and if there was a match, etc.
>
> Also look in the Apache error_log to verify ModSecurity 2.5.9 is
> loading.
>
> If you are not getting any debug log output, then you perhaps have
> ModSecurity configured in the wrong virtual host or somehow that config
> block is not being reached?
>
> -B
>
> --
> Brian Rectanus
> Breach Security
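
The settings discussed in this thread, combined into one configuration as an added example (it is not part of the original messages). The body limit value, rule id, message text and match pattern are assumptions chosen for illustration; the debug log path and level are the ones Brian mentions.

```apache
# Added example, not from the thread. The limit value, rule id, msg text and
# pattern are illustrative assumptions.

# Rules are only evaluated when the engine is on.
SecRuleEngine On

# Without this, POST bodies are never parsed: ARGS and ARGS_NAMES then hold
# query-string parameters only, so a rule on form fields never matches.
SecRequestBodyAccess On

# Upper bound on the buffered request body, in bytes (assumed value, 128 KB).
SecRequestBodyLimit 131072

# Debug output for troubleshooting; set the level back to 0 once the rule works.
SecDebugLog /usr/local/apache/logs/modsec_debug.log
SecDebugLogLevel 9

# Body parameters are available from phase 2 (request body) onward; the same
# rule in phase 1 would only see the query string.
# Decode and lowercase each value before matching so encoded variants of the
# same string are inspected in one normalized form.
SecRule ARGS|ARGS_NAMES "@rx <script|javascript:" \
    "phase:2,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:lowercase,\
    deny,status:403,log,auditlog,id:1000001,\
    msg:'Script content in request parameter'"
```

The two-alternative pattern only shows where the rule hooks in; it is not a complete filter for script content in form fields.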