Are you fed up with spams on your Email? Don’t worry! You can fight them using RBLs and DNSBL. RBL stands for Real-time Black-hole List and DNSBL stands for Domain Name Server Blacklist. It helps to decrease the issues of email spamming. It is effectively used all around the world to share the IP addresses … Read more
Description Last week published two critical vulnerabilities affecting MODX Revolution <=2.6.4 which include remote script execution and file/directory removal. Hackers thereby able to compromise the website or spoil or delete files or directories. In the MODX Revolution Version <= 2.6.4, filtering users have an incorrect access control capability in the parameters, which becomes the phpthumb class that causes the … Read more
Sometimes you need disable ModSecurity rules in specific url or program, because it causes false positives. This tutorial we show how you can whitelist rule or rules with apache LocationMatch directive. LocationMatch examples WordPress admin <locationmatch “/wp-(admin|login)/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> phpmyadmin <locationmatch “/phpmyadmin/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> Depend your server configuration, like … Read more
Sucuri reported Formidable Forms / Shortcodes Ultimate Exploits In The Wild On Monday, November 20th. – Formidable Forms vulnerability – read more – Shortcodes Ultimate vulnerability – read more We have not yet seen exploitation of the vulnerability, but we also decided to make the modsecurity rule for this vulnerability. If you server have certain … Read more
cPGuard is an essential security addon for web hosting servers to help administrators to fight against malware threats and injections. As it exclusively works based on File System changes ( no more mod_security or FTP hooks dependency alone ), we can detect and scan any real-time changes on the server. In addition to malware/virus scanning, … Read more
This tutorial we want Ban with ModSecurity IP addresses for specific time with ModSecurity that causes multiple 404 errors on the web site. Ban with ModSecurity Depend you Apache/Nginx and PHP configuration, you may use phase:1 with rule 4000 & 4002. Also you need enable SecResponseBodyAccess On to ModSecurity configuration files. SecAction “phase:2,initcol:ip=%{REMOTE_ADDR},id:’4000′,pass,nolog” SecRule RESPONSE_STATUS … Read more
No matter how well a web server is configured, it is useless if it’s not properly secured. It’s a famous saying, ‘a chain is as strong as its weakest link’. As a system admin you have to address all vulnerabilities of your server. Since one single untreated vulnerability will be exploited by an attacker and … Read more
If your business has a website, you may be familiar with the mod_security module for Apache Web servers. ModSecurity is a firewall module for Apache servers that blocks malicious programs, scripts and injections, helping to keep your website more secure. Occasionally, you might need to bypass the module filters to accommodate a testing environment or … Read more
Malware Expert ModSecurity protection rules are now integrated ModSecurity Vendors in cPanel/WHM and can be activated from the cPanel / WHM Security Center. Copy vendor configuration URL in image. (Ex. right click, Copy Url) Malware.Expert -> My Account -> Subscriptions Sign in to your cPanel account Login to your cPanel/WHM server. Click the ‘Security Center‘ … Read more
ModSecurity SecRemoteRules directive allows the user to load rules from a remote server. Requirements Internet connection ModSecurity at least 2.9.x How SecRemoteRules Works 1. When HTTP daemon starts, it loads the configuration files. 2. Configuration files have the SecRemoteRules directive, which tries to connect the Remote Server load rules. 3. When the connection is created … Read more