mod security issue

hostnex

• October 26, 2013 04:35

when we add the rule given below in mod security Apache stops working. We are using Apache 2.x .Can anyone help me to resolve the issue. SecRule RESPONSE_BODY "" "deny,msg:'PHP source code disclosure blocked'"

• 

  cPanelMichael

  • October 28, 2013 03:43

  Hello :) I recommend first reading the following document for information about using Mod_Security and implementing custom rules: EasyApache - Mod_Security Then, once you have ensured your rule is correctly formatted with a rule ID, check /usr/local/apache/logs/error_log for the specific error message associated with the rule you have added. Restarting Apache should also generate a specific error related to the rule. Thank you.

  0
• 

  quizknows

  • October 28, 2013 20:01

  You need to ID the rule. Try this: SecRule RESPONSE_BODY "" "deny,id:2000345,msg:'PHP source code disclosure blocked'"
  

  0
• 

  hostnex

  • October 30, 2013 16:43

  we arr trying to use the rules given in this post but getting error on Apache restart

  0
• 

  cPanelMichael

  • October 30, 2013 16:45

  That post is from 2011, and likely is intended for an earlier version of Mod_Security. Did you try the rule from user quizknows in the post before yours? Thank you.

  0
• 

  hostnex

  • October 30, 2013 16:47

  is there any post on the cpanel forum from we can have some good mod security rules. Gotroot doesn't give free rules anymore :(

  0
• 

  cPanelMichael

  • October 30, 2013 16:49

  There is a thread on this with some alternatives at: Atomic Corp No Longer Provides Free Rules Thank you.

  0

Please sign in to leave a comment.