[mod-security-users] modsecurity on http-https redirect on apache
From: Franz A. <fra...@gm...> - 2021-03-18 07:54:43
Hi,

Sorry, but I'm new to modsecurity. I've installed a Debian Apache server with modsecurity with no custom rules for testing/learning.

If I try to use:

    curl https://www.example.test/index.html?exec=/bin/bash

everything works fine, with:

    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>403 Forbidden</title>
    </head><body>
    <h1>Forbidden</h1>
    <p>You don't have permission to access this resource.</p>
    </body></html>

and in the modsecurity log:

    Message: Warning. Matched phrase "bin/bash" at ARGS:exec. [file "/etc/modsecurity/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "518"] [id "932160"] [msg "Remote Command Execution: Unix Shell Code Found"] [data "Matched

On the same server I've configured a simple http to https redirection:

    Redirect / https://www.example.test/

With the redirect the same test fails: does the redirect act before modsecurity? How can I solve this?

Thanks in advance,
Franz