• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 290
  • Last Modified:

mod_security and secfilter

I just install mod_security to prevent user from typing shell command in phpshell script.
I use :

Secfilter ls
Secfiler cat
Secfilter rm

then problem come when some use wanna access their php script named "catalogue.php" and using view.php?cat=1

also user of wordpress who wanna access options-permalink.php ( rm in permalink ) in the file name.

any clue or hint to solve this problem.

thanks in advance
0
hendri2
Asked:
hendri2
  • 2
1 Solution
 
BrianGEFF719Commented:
You might try something like:

SecFilterEngine On
SecFilterScanPOST On
SecFilterSelective "SCRIPT_FILENAME" "options-permalink\.php " "allow,log,status:412"
SecFilterSelective "QUERY_STRING" "cat" "allow,log,status:412"
SecFilterSelective "SCRIPT_FILENAME" "catalogue\.php" "allow,log,status:412"
0
 
BrianGEFF719Commented:
btw, that should go in your .htaccess file.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now