request Archives

Ban with ModSecurity HTTP or HTTPS requests 404 Response code

September 10, 2023September 19, 2017 by admin

This tutorial we want Ban with ModSecurity IP addresses for specific time with ModSecurity that causes multiple 404 errors on the web site. Ban with ModSecurity Depend you Apache/Nginx and PHP configuration, you may use phase:1 with rule 4000 & 4002. Also you need enable SecResponseBodyAccess On to ModSecurity configuration files. SecAction “phase:2,initcol:ip=%{REMOTE_ADDR},id:’4000′,pass,nolog” SecRule RESPONSE_STATUS … Read more

Processing phases of Modsecurity

September 24, 2023August 11, 2017 by admin

ModSecurity works on a powerful language of rules and its API allows monitoring of HTTP(S) that is coming in and out of your web server, to keep your web applications up and running all the time. This article is written to show how ModSecurity protects web applications running on Apache Web Server. The below diagram … Read more

RCE Attempts Against the Latest WordPress API Vulnerability

February 11, 2017 by admin

We are see remote command execution (RCE) attempts trying to exploit the latest WordPress API Vulnerability. The attackers trying to exploit sites that have plugins like the Insert PHP, Exec-PHP and similar installed plugins. These plugins, allow users to insert PHP code directly into the posts as a way to make customizations easier. Coupled with … Read more