Top

Tag Archives | ModSecurity rules

Patchman

Hosting providers suffer on a daily basis from the consequences of the many security vulnerabilities found in commonly used CMS’s such as WordPress, Drupal and Joomla. Patchman Patchman detects these vulnerabilities and is able to safely patch them without assistance from your customer. Because of our unique approach, you can also be rest assured that […]

Continue Reading

Multipart: Invalid boundary in C-T (characters)

You can sometimes see this error ModSecurity log file: –b2b99b07-H– Message: Multipart parsing error (init): Multipart: Invalid boundary in C-T (characters). POST Payload Typically payload looks below, which cause that error –b2b99b07-B– POST /index.php HTTP/1.0 Host: malware.expert Accept: */* Referer: http://malware.expert/ User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0 Content-Length: 389 Content-Type: multipart/form-data; boundary=(UploadBoundary) Problem […]

Continue Reading

WAF (Web Application Firewall)

Cloud Web Application Firewalls Cloudflare Cloudflare’s enterprise-class web application firewall protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure. Read more – https://www.cloudflare.com/ AWS WAF AWS WAF is a web application firewall that helps protect your web applications from common […]

Continue Reading

Web Application Firewall

A Web Application Firewall protects Web servers from malicious traffic and blocks attempts to compromise the system. While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications. A WAF can be considered a reverse proxy. WAFs may come in the form of […]

Continue Reading

writing modsecurity rules

ModSecurity Rule Writing The ModSecurity Reference Manual should be consulted in any cases where questions arise relating to the syntax of commands: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual Rule Syntax Here basic about SecRule: VARIABLES ARGS is a collection so it means all arguments including the POST Payload. ARGS_GET contains only query string parameters. ARGS_POST contains arguments from the POST body. FILES Contains a […]

Continue Reading