Solved

mod_security question

Posted on 2006-06-16
4
235 Views
Last Modified: 2010-03-04
we have enabled mod_security and prevented a lots of XSS attacks.
the problem is that some of the clients couldn work with they cms or forums cause the xss rules denied the access to many functions of the forums/cms's.

I had to disable these rules from mod_security but now i have problems iwth XSS attacks again.

As I understand there must be a way not to disable the rules from apache but just for a particular site's vhost, by using .htaccess or some include?

anyone has idea how to do that?

the rules I want to disable ONLY for these particular vhosts are these:

 SecFilter "<( |\n)*script"
 SecFilter "<(.|\n)+>"
0
Comment
Question by:MaRiOsGR
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 23

Accepted Solution

by:
rama_krishna580 earned 500 total points
ID: 16972377
0
 
LVL 2

Author Comment

by:MaRiOsGR
ID: 17175091
The links do not give any answer to the specific thing I asked, so it not helpful to accept as a right answer.
It won't help anyone that would read this post.

But, you are the Site Admin and you decide :)

0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
I need help developing an PHP application that browses for a file. 10 118
ignore other .htaccess 2 79
clicking to find my folders on wamp 8 46
phpmyadmin memory error 55 91
Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
Suggested Courses

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question