Thread: Re: [mod-security-users] Rule for mod security 3 in nginx, blocking a files containing a strings
Brought to you by:
victorhora,
zimmerletw
From: Christian F. <chr...@ne...> - 2017-06-14 15:36:09
|
Georgi, I suggest you enable the debug log on the highest level and check the execution of your rule in detail. Ahoj, Christian On Wed, Jun 14, 2017 at 06:18:43PM +0300, Georgi Georgiev wrote: > I tried the following rule, but I can’t find where the problem is as it does not block the string base64_decode: > > SecRule ARGS "@containsWord base64_decode" "phase:2,block,log,id:151" > > > > On Jun 14, 2017, at 5:39 PM, Georgi Georgiev <ge...@se...> wrote: > > > > Hello, > > I couldn’t find anywhere a rule that block files containing a specific strings for nginx (I found for apache only and it wasn’t full). Sorry for the stupid question, but can anyone give me it so I can configure it for my specific strings? I do not want to block the string in URI/URL as this is available in wasp, but only in file that contains it as a word. > > > > Thank you in advance! > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ -- https://www.feistyduck.com/training/modsecurity-training-course mailto:chr...@ne... twitter: @ChrFolini |