mod-security – Page 3 – WindowsTechs.com

ModSecurity CRS, allow header `accept-charset`

Posted on November 7, 2023 by nulll

I have ModSecurity v2 on apache with CRS v3.
Requests containing header accept-charset are blocked on paranoia level 1, I read this great discussion about the header and that on CRS v4 will be allowed by default.
How can I write an exclusi… Continue reading ModSecurity CRS, allow header `accept-charset`→

ModSecurity CRS, allow header `accept-charset`

Posted on November 7, 2023 by nulll

How do I create a site with secure user data upload on AWS? [closed]

Posted on September 28, 2023 by BigMistake

I want to have users upload data, but need to ensure it stays secure and cannot be mixed up with or touch other users’ data. How do I do this with AWS?

Continue reading How do I create a site with secure user data upload on AWS? [closed]→

What is Method Enforcement. How to simulate this attack?

Posted on May 30, 2023 by Mamta Singh

I need to know what is "method enforcement" inside WAF Preconfigured ModSecurity rules.
How to test this attack on magento website? What is security best practice to prevent this?

Continue reading What is Method Enforcement. How to simulate this attack?→

Modsecurity Nginx breaks WordPress’s Woocommerce checkout page. Need help finding working rule exclusions [migrated]

Posted on May 24, 2023 by DanRan

I am running an Ubuntu 20.04 based LEMP server on a Raspberry Pi 4.
I am working on a Wordpress Woocommerce website at https://www.mcmo.is. Currently on iOS using Safari or Google Chrome, I can’t get past the websites Woocommerce checkout … Continue reading Modsecurity Nginx breaks WordPress’s Woocommerce checkout page. Need help finding working rule exclusions [migrated]→

ModSecurity: How to disable error logging for single rule?

Posted on May 5, 2023 by Felix

Here is my configurations:
SecDefaultAction "phase:1,log,deny,status:403"
SecDefaultAction "phase:2,log,deny,status:403"

SecRule REQUEST_URI "@pm logging_test" \
"id:100,\
phase:1,\
pass,nolo… Continue reading ModSecurity: How to disable error logging for single rule?→

Compatibility of ModSecurity Core Rule Set 4

Posted on April 13, 2023 by AndreaF

OWASP Core Rule Set has many versions the latest is version 4.0 (release candidate), but I cannot find any indication about compatibility among various modsecurity releases.
Could these be used with any modsecurity version, or is there som… Continue reading Compatibility of ModSecurity Core Rule Set 4→

sqlmap tampers for the specific waf tutorial

Posted on February 8, 2023 by turtur

mod security is a waf that protects web applications as well as sql injection attacks. This guy mentions that he can bypass the mod security with specific behavior,
I wonder which two tampers of sqlmap this guy uses, one is urlencode, and … Continue reading sqlmap tampers for the specific waf tutorial→

sqlmap tampers for the specific waf tutorial [closed]

Posted on February 8, 2023 by turtur

mod security is a waf that protects web applications as well as sql injection attacks. This guy mentions that he can bypass the mod security with specific behavior,
So this is the payload from the link,
-1+union(select+1)+ — +

First he ur… Continue reading sqlmap tampers for the specific waf tutorial [closed]→

Updating regular expressions for the rules 920600, 921421, 921422 and 922110 in CRS 3.3.4

Posted on January 18, 2023 by user288156

After updating to CRS 3.3.4, I want to update the regular expression of the rules 920600, 921421, 921422 and 922110. but the command util/regexp-assemble/regexp-assemble.py update 920600 does not work. In other words, regexp-assemble.py do… Continue reading Updating regular expressions for the rules 920600, 921421, 921422 and 922110 in CRS 3.3.4→