Echelon17

  • Total activity 27
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 0 users
  • Votes 0
  • Subscriptions 6

Activity overview

Latest activity by Echelon17

  • Echelon17 created a post,

    Exim System Filter to Block Forwarded E-Mails to Specific Destinations

    1. Community
    2. Email

    I would like to create a custom Exim system filter that can prevent e-mails from being forwarded to certain domains, such as Gmail.com, Hotmail.com etc. Is this possible? I've looked through the Ex...

    • Echelon17
    • 0 followers
    • 0 comments
    • 0 votes

  • Echelon17 created a post,

    exim.conf overwriting exim.conf.local?

    1. Community
    2. Email

    I am running CSF on some servers, and in order to have the SCRIPT_ALERT system work correctly, I need to change the log_selector line in Exim to something different than the cPanel default. I've d...

    • Echelon17
    • 1 follower
    • 1 comment
    • 0 votes

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]I only mentioned my experience to let you know that I'm not speculating with what I say. I work with ModSecurity every day. I didn't claim you were speculating anything. It seemed very defensive o...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]I've managed modsecurity rules for a major hosting provider for many years. OK. And? Your personal experience and history are irrelevant to this discussion. Why are you bringing them up? Managing ...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]I like the idea, though usually, disabling a rule per URI is a bit better than globally. I.E. if the rule breaks stuff in wp-admin, just do SecRuleRemoveByID ##### This way, the rule is still ...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]This is EXACTLY my concern! Wasted a lot of time with preserving old rules, poor documentation and false positives! Here is the irony: The goal of these rules it to enforce automated protection,...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]1. That's what the 'rev' tag in rules is intended for; if a rule has an updated rev tag (revision) you should re-enable it to see if it works. Something automated for that would definitely be nice...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    ]That many eh? Thankfully we only had to remove 3 rules on our servers running WAF In their defence, they have been trying to update them and fix false positives as things progress, and the bulk of...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    @Brian: Thanks for your response. I look forward to a 'report' feature, since I have a feeling it's going to be used quite heavily when live... Can you tell us more about how the rule updates will...

  • Echelon17 commented,

    1. Community
    2. Security
    3. OWASP - mod security and wordpress

    OWASP: False Positives You guys really screwed the pooch with the latest release. The OWASP rules are terrible and it's pretty obvious they haven't been tested very well. Within minutes of activat...