En cours

mod security rule: edit/change needed

There's some issue with mod security installed on a linux server, and a mod_sec rule needs editing since it's causing conflicts...

The GET is something like: /[url removed, login to view] HTTP/1.1 (BTW, the site is a blog!!!)

IPs that go with the above GET belong to yahoo and google. So basically mod security is blocking the yahoobot and googlebot and this is something I hate (as the bots won't "read" the site anymore)

mod security blocks these requests: "Access denied with code 501 (phase 2). Pattern match "(?:(?:\b(?:f(?:tp_(?:nb_)?f?(?:ge|pu)t|get(?:s?s|c)|scanf|write|open|read)|gz(?:(?:encod|writ)e|compress|open|read)|s(?:ession_start|candir)|read(?:(?:gz)?file|dir)|move_uploaded_file|(?:proc_|bz)open)|\$_(?:(?:pos|ge)t|session))\b|<\?(?!xml))" at REQUEST_FILENAME. [file "/usr/local/apache/conf/[url removed, login to view]"] [line "175"] [id "950013"] [msg "PHP Injection Attack"] [data "fopen"] [severity "CRITICAL"] [tag "WEB_ATTACK/PHP_INJECTION"] [tag "WEB_ATTACK/HTTP_RESPONSSE_SPLITTING"]"


1. Explain what does this "[url removed, login to view]" means & what does it actually do to the WP blog

2. Update the mod security configuration (rule editiong/whitelisting) so that mod security no longer blocks the se bots

It should be easy enough if you know your way around sys admininstration/security for linux servers

Compétences : Apache, Linux, Script Install, Administration Système, Sécurité Web

en voir plus : s.i.s. security, open.ge, pu.go.id, code sys, system ge, sys, security, security s, gz, ge, edit something 2, edit so, code security, c# code se, blog pos, attack s, php severity, 501 , read write update, linux pos system, change google, site attack, php injection attack, change security, admin pos

Concernant l'employeur :
( 14 commentaires ) Atlanta, Romania

Nº du projet : #1077805

3 freelance font une offre moyenne de $70 pour ce travail


easy for me. let i do some tweak in your mod_security rule. consider my bid.

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% USD en 0 jours
(37 Commentaires)

can u contact

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% USD en 10 jours
(0 Commentaires)

hi i can fix it for you

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% USD en 2 jours
(0 Commentaires)