En cours

mod security rule: edit/change needed

There's some issue with mod security installed on a linux server, and a mod_sec rule needs editing since it's causing conflicts...

The GET is something like: /[url removed, login to view] HTTP/1.1 (BTW, the site is a blog!!!)

IPs that go with the above GET belong to yahoo and google. So basically mod security is blocking the yahoobot and googlebot and this is something I hate (as the bots won't "read" the site anymore)

mod security blocks these requests: "Access denied with code 501 (phase 2). Pattern match "(?:(?:\b(?:f(?:tp_(?:nb_)?f?(?:ge|pu)t|get(?:s?s|c)|scanf|write|open|read)|gz(?:(?:encod|writ)e|compress|open|read)|s(?:ession_start|candir)|read(?:(?:gz)?file|dir)|move_uploaded_file|(?:proc_|bz)open)|\$_(?:(?:pos|ge)t|session))\b|<\?(?!xml))" at REQUEST_FILENAME. [file "/usr/local/apache/conf/[url removed, login to view]"] [line "175"] [id "950013"] [msg "PHP Injection Attack"] [data "fopen"] [severity "CRITICAL"] [tag "WEB_ATTACK/PHP_INJECTION"] [tag "WEB_ATTACK/HTTP_RESPONSSE_SPLITTING"]"


1. Explain what does this "[url removed, login to view]" means & what does it actually do to the WP blog

2. Update the mod security configuration (rule editiong/whitelisting) so that mod security no longer blocks the se bots

It should be easy enough if you know your way around sys admininstration/security for linux servers

Compétences : Apache, Linux, Script Install, Administration Système, Sécurité Web

Voir plus : code sys, system ge, sys, security, security s, gz, ge, edit something, edit so, code security, blog pos, attack s, php severity, 501 , read write update, linux pos system, change google, site attack, php injection attack, change security, admin pos, edit code php, php change code easy, linux file edit, update apache

Concernant l'employeur :
( 14 commentaires ) Atlanta, Romania

N° du projet : #1077805

4 freelance ont fait une offre moyenne de 60 $ pour ce travail


easy for me. let i do some tweak in your mod_security rule. consider my bid.

30 $ USD en 0 jours
(26 Commentaires)

Hello, I can fix this for you.

30 $ USD en 1 jour
(3 Commentaires)

can u contact

150 $ USD en 10 jours
(0 Commentaires)

hi i can fix it for you

30 $ USD en 2 jours
(0 Commentaires)