Collaborate Disseminate
I received this error in my ModSecurity logs:
ModSecurity: Warning. Matched "Operator `Eq’ with parameter `0′ against variable `REQBODY_ERROR’ (Value: `1′ ) [file "/etc/nginx/modsec/modsecurity.conf"] [line "75"] [… Continue reading ModSecurity: How to increase SecRequestBodyLimit for specific website REQUEST_URI?
I have a false positive involving the content of one of my cookies:
ModSecurity: Warning. Matched "Operator `PmFromFile’ with parameter `lfi-os-files.data’ against variable `REQUEST_COOKIES:xid’ (Value: `ab92d4a54edee30a194329d6bfcf1e… Continue reading ModSecurity: How to whitelist specific cookie name?
I have a specific URL that keeps getting checked by weird bots, and that keeps triggering ModSecurity rules that fill up my logs. I would like to disable logging for that one specific URL to make it easier to review my logs, but continue b… Continue reading ModSecurity: How to disable logging for specific REQUEST_URI?
I have a server with 100 domain names. On each domain name, I have a unique list of pages/directories that I would like to whitelist (put ModSecurity into DetectionOnly mode temporarily). Basically, how would I write the rule for something… Continue reading ModSecurity: How to write exclusion rules for list of REQUEST_URIs on separate domain names?
ModSecurity 3.0.8
ModSecurity-Nginx 1.0.3
CRS 4.0.0-rc1
I have a marketplace where sellers can list anything for sale. On the "item description" section, we allow users to copy and paste their HTML formatting, like eBay does. We… Continue reading ModSecurity / CRS: Need custom rule to deal with false positive (user-inserted HTML formatted listings)