Top

Tag Archives | ModSecurity rules

ModSecurity Rules for Formidable Forms / Shortcodes Ultimate vulnerability

Sucuri reported Formidable Forms / Shortcodes Ultimate Exploits In The Wild On Monday, November 20th. – Formidable Forms vulnerability – read more – Shortcodes Ultimate vulnerability – read more We have not yet seen exploitation of the vulnerability, but we also decided to make the modsecurity rule for this vulnerability. If you server have certain […]

Continue Reading

cPGuard – Essential Security Suite for cPanel Servers

cPGuard is an essential security addon for web hosting servers to help administrators to fight against malware threats and injections. As it exclusively works based on File System changes ( no more mod_security or FTP hooks dependency alone ), we can detect and scan any real-time changes on the server. In addition to malware/virus scanning, […]

Continue Reading

Ban with ModSecurity HTTP or HTTPS requests 404 Response code

This tutorial we want Ban with ModSecurity IP addresses for specific time with ModSecurity that causes multiple 404 errors on the web site. Ban with ModSecurity Depend you Apache/Nginx and PHP configuration, you may use phase:1 with rule 4000 & 4002. Also you need enable SecResponseBodyAccess On to ModSecurity configuration files. SecAction “phase:2,initcol:ip=%{REMOTE_ADDR},id:’4000′,pass,nolog” SecRule RESPONSE_STATUS […]

Continue Reading

Why choose Malware Expert Commercial ModSecurity Rules ?

No matter how well a web server is configured, it is useless if it’s not properly secured. It’s a famous saying, ‘a chain is as strong as its weakest link’. As a system admin you have to address all vulnerabilities of your server. Since one single untreated vulnerability will be exploited by an attacker and […]

Continue Reading

How to Whitelist IP Address with ModSecurity

If your business has a website, you may be familiar with the mod_security module for Apache Web servers. ModSecurity is a firewall module for Apache servers that blocks malicious programs, scripts and injections, helping to keep your website more secure. Occasionally, you might need to bypass the module filters to accommodate a testing environment or […]

Continue Reading

Deploying ModSecurity Rule Set in cPanel/WHM

Malware Expert ModSecurity protection rules are now integrated ModSecurity Vendors in cPanel/WHM and can be activated from the cPanel / WHM Security Center. Copy vendor configuration URL in image. (Ex. right click, Copy Url) Malware.Expert -> My Account -> Subscriptions Sign in to your cPanel account Login to your cPanel/WHM server. Click the ‘Security Center‘ […]

Continue Reading

How SecRemoteRules working ?

ModSecurity SecRemoteRules directive allows the user to load rules from a remote server. Requirements Internet connection ModSecurity at least 2.9.x How SecRemoteRules Works 1. When HTTP daemon starts, it loads the configuration files. 2. Configuration files have the SecRemoteRules directive, which tries to connect the Remote Server load rules. 3. When the connection is created […]

Continue Reading

Patchman

Hosting providers suffer on a daily basis from the consequences of the many security vulnerabilities found in commonly used CMS’s such as WordPress, Drupal and Joomla. Patchman Patchman detects these vulnerabilities and is able to safely patch them without assistance from your customer. Because of our unique approach, you can also be rest assured that […]

Continue Reading

Multipart: Invalid boundary in C-T (characters)

You can sometimes see this error ModSecurity log file: –b2b99b07-H– Message: Multipart parsing error (init): Multipart: Invalid boundary in C-T (characters). POST Payload Typically payload looks below, which cause that error –b2b99b07-B– POST /index.php HTTP/1.0 Host: malware.expert Accept: */* Referer: http://malware.expert/ User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0 Content-Length: 389 Content-Type: multipart/form-data; boundary=(UploadBoundary) Problem […]

Continue Reading

WAF (Web Application Firewall)

Cloud Web Application Firewalls Cloudflare Cloudflare’s enterprise-class web application firewall protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure. Read more – https://www.cloudflare.com/ AWS WAF AWS WAF is a web application firewall that helps protect your web applications from common […]

Continue Reading