On Wed, Oct 27, 2010 at 3:21 PM, robert mena <rob...@gm...> wrote:
> Hi,
> Is there a way to test with standard attack vectors to see if mod_security
> is blocking the attempts for (example), sql injection?
> I've enabled and tried with www.mysite.com/?u=1 OR 1=1 but no message is
> logged in /var/log/httpd/error-log
Hi Robert,
Assuming you're running the CRS, you can use a simple XSS request:
http://www.example.com/?<script>alert(1)</script>
Verify your request shows up in the ModSec debug log (set via the
SecDebugLog directive). You may want to increase the SecDebugLogLevel
setting for more verbose debugging information. You may also want to
verify that the SecDefaultAction is set to drop / deny and that the
CRS is included properly.
--
- Josh
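
The directives named in the reply above, put together as a ModSecurity 2.x configuration fragment. This is an added example, not part of the original thread; the file paths, the debug level and the CRS include location are assumptions to adjust for the local install.

```apache
# Added example: paths and the Include location are assumed, not from the thread.
<IfModule security2_module>
    # "On" evaluates rules and applies disruptive actions.
    # "DetectionOnly" evaluates and logs but never blocks; "Off" skips processing.
    SecRuleEngine On

    # Debug log used to confirm that the test request was seen and
    # which rules were evaluated against it.
    SecDebugLog /var/log/httpd/modsec_debug.log
    # 0 = nothing, 3 = notices, 4 = transaction handling details, 9 = everything.
    # Raise while testing, then lower again: high levels are slow and verbose.
    SecDebugLogLevel 4

    # Default action list for rules in phase 2 that do not set their own
    # disruptive action. Rules that follow inherit it unless a later
    # SecDefaultAction replaces it.
    SecDefaultAction "phase:2,deny,log,status:403"

    # Record full details of transactions that triggered a rule.
    SecAuditEngine RelevantOnly
    SecAuditLog /var/log/httpd/modsec_audit.log

    # Load the Core Rule Set (assumed location).
    Include conf/modsecurity-crs/*.conf
</IfModule>
```

After reloading Apache, a blocked test request should return the configured status code and produce a "ModSecurity:" entry in the Apache error log as well as entries in the debug log.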