Current time: 11-16-2024, 01:01 AM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo] Mod Security on debian
Author Message
DaSilva Offline
Member
***

Posts: 302
Joined: Dec 2007
Reputation: 0
Post: #21
RE: Mod Security on debian
I always get this error with PHP-Fusion if modsecurity_crs_40_generic_attacks.conf is activated.

Quote:501 Method Not Implemented

POST to /HP/administration/panel_editor.php not supported.
Apache/2.2.0 (Fedora) Server at http://www.domain.tld Port 80

No ID is posted in error.log.

How can I solve that?
(This post was last modified: 06-15-2008 05:12 AM by DaSilva.)
06-15-2008 05:01 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Zothos Offline
Release Manager
*****
Dev Team

Posts: 1,262
Joined: Feb 2007
Reputation: 10
Post: #22
RE: Mod Security on debian
disable the corresponding rule.....
06-15-2008 06:02 PM
Find all posts by this user Quote this message in a reply
r3r3 Offline
Junior Member
*

Posts: 20
Joined: Dec 2008
Reputation: 0
Post: #23
RE: [HowTo] Mod Security on debian
Hello
I am getting this error

Code:
[Tue Dec 23 15:14:06 2008] [error] [client 127.0.0.1] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\d\\.]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity2/modsecurity_crs_21_protocol_anomalies.conf"] [line "60"] [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [hostname "127.0.0.1"] [uri "/"] [unique_id "Y2ErmAoCApQAAAj1GDIAAAAT"]

Should i do something about it? It's obviousely my own server's localhost ip which is blocked by modescurity, anyone can advise what to do?
(This post was last modified: 12-24-2008 09:28 AM by r3r3.)
12-24-2008 12:20 AM
Find all posts by this user Quote this message in a reply
seba22 Offline
Junior Member
*

Posts: 39
Joined: Jul 2008
Reputation: 0
Post: #24
RE: [HowTo] Mod Security on debian
How to disable mod security for admin.ispcp ?

Disable code is:

<location />
SecRuleEngine Off
</location>


But where is virtualhost for admin.ispcp
01-07-2009 01:34 AM
Find all posts by this user Quote this message in a reply
Lucan Offline
Member
*
Beta Team

Posts: 982
Joined: Jul 2008
Reputation: 12
Post: #25
RE: [HowTo] Mod Security on debian
/var/www/ispcp/gui i think.
01-07-2009 03:36 AM
Find all posts by this user Quote this message in a reply
seba22 Offline
Junior Member
*

Posts: 39
Joined: Jul 2008
Reputation: 0
Post: #26
RE: [HowTo] Mod Security on debian
I found:

webserver:/etc/apache2/sites-enabled# nano 00_master.conf


Maybye add this to wishlist ?

Small checkbox in creation user accound ( enable mod security) and then in vhost enable mod security ?
01-07-2009 05:30 AM
Find all posts by this user Quote this message in a reply
Lucan Offline
Member
*
Beta Team

Posts: 982
Joined: Jul 2008
Reputation: 12
Post: #27
RE: [HowTo] Mod Security on debian
Since there went over quite much time, is there any .deb source for lenny?


Greets
10-25-2009 09:26 PM
Find all posts by this user Quote this message in a reply
Jillian Offline
Junior Member
*

Posts: 51
Joined: Mar 2009
Reputation: 1
Post: #28
RE: [HowTo] Mod Security on debian
Packages for Lenny:
deb http://etc.inittab.org/~agi/debian/libap...-security2 ./
10-27-2009 03:15 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Lucan Offline
Member
*
Beta Team

Posts: 982
Joined: Jul 2008
Reputation: 12
Post: #29
RE: [HowTo] Mod Security on debian
And can you also tell me, which of the changes i have to do for the deb source, to make it work with ispcp?


Thanks Wink
10-28-2009 03:05 AM
Find all posts by this user Quote this message in a reply
Lucan Offline
Member
*
Beta Team

Posts: 982
Joined: Jul 2008
Reputation: 12
Post: #30
RE: [HowTo] Mod Security on debian
no idear?

greetings
11-01-2009 02:23 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 12 Guest(s)