Howto detect malware’s with WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installations and much more, without using a web browser. This tool need ssh access to server using it. More information for this tool found their homepage. This tutorial we show how you can detect malware’s in WordPress installation. WP-CLI Installation Depend your … Read more

Log POST data with ModSecurity

Tutorial

Sometimes you may need to log all POST requests to debug or make ModSecurity rules to protect Web Server. For this you need that you have ModSecurity installed on server. Log POST data This simple rule logging all POST request data to ModSecurity AuditLog. SecRule REQUEST_METHOD “POST” \ “id:800000,phase:2,t:none,pass,nolog,auditlog,msg:’Malware.Expert – Log POST data'” This cause … Read more

Custom ModSecurity Error message in apache

Tutorial

This tutorial we show that you can change the custom error message page to ModSecurity. Typically, you get 403 or 406 Response code when ModSecurity block access to website. Apache configuration In apache configuration files (Depend your OS & Configuration) includes / errordocument.conf ErrorDocument 403 /403.shtml Add extra row to 406 error page: ErrorDocument 406 … Read more

Install ModSecurity with Apache on Ubuntu 16.04 LTS

Tutorial

In this guide we will see how to install ModSecurity Web Application Firewall (WAF) to secure your apache web server. You need an Apache Web Server installed on your Ubuntu 16.04 LTS before you proceed with installation of ModSecurity WAF. Installing Apache To install Apache on your Ubuntu, issue following commands $ sudo apt-get update … Read more

How to Whitelist IP Address with ModSecurity

Tutorial

If your business has a website, you may be familiar with the mod_security module for Apache Web servers. ModSecurity is a firewall module for Apache servers that blocks malicious programs, scripts and injections, helping to keep your website more secure. Occasionally, you might need to bypass the module filters to accommodate a testing environment or … Read more

How to block Majestic (MJ12bot) with mod_security

Tutorial

Internet have lots of unwanted traffic, which causes high load on your dedicated or virtual private server. Traffic can be from bot networks, A Web crawler or normal web traffic different sources. This tutorial we show how you can block Majestic search engine access to your server with modsecurity. What is MJ12bot? Majestic is a … Read more

Whitelist ModSecurity Rule With ClamAV Scans

In this article I’m going to discuss how to find and Whitelist specific ModSecurity rules that might be causing 406 errors on your websites on either your VPS (Virtual Private Server) or dedicated server. The rules that ModSecurity uses can help block potential attack attempts from malicious users upload malware to servers, but sometimes it … Read more