Konu: mod_security kurulumu
Tekil Mesaj gösterimi
  #2 (permalink)  
Alt 13.09.07, 10:54 PM
Fesih BICER - ait Kullanıcı Resmi (Avatar)
Fesih BICER Fesih BICER isimli Üye şimdilik offline konumundadır
fshbcr
  
Üyelik tarihi: Jun 2007
Nerden: Çorlu
Yaş: 28
Mesajlar: 596
Tecrübe Puanı: 1092
Fesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond reputeFesih BICER has a reputation beyond repute
Fesih BICER - MSN üzeri Mesaj gönder
Aşağıdaki komutlar şimdilik yeterlidir. yeni exploitler çıkarsa bakıp listeyi güncellerim.

Kod:
<IfModule mod_security.c>
SecFilterEngine On
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 0 255
SecAuditEngine RelevantOnly
SecAuditLog logs/audit_log
SecFilterDebugLog logs/modsec_debug_log
SecFilterDebugLevel 0
SecFilterDefaultAction "deny,log,status:406"
SecFilterSelective REMOTE_ADDR "^127.0.0.1$" nolog,allow
Secfilter "sbin/"
SecFilter "eggz"
SecFilter "eggdrop"
SecFilter "psybnc"
SecFilter "udp.pl"
SecFilter "bindtty"
Include "/usr/local/apache/conf/modsec.user.conf"
SecFilterSelective THE_REQUEST "act=cmd"
SecFilterSelective THE_REQUEST "yshout"
SecFilterSelective THE_REQUEST "toplist"
SecFilterSelective THE_REQUEST "button.php"
SecFilterSelective THE_REQUEST "vbshout"
SecFilterSelective THE_REQUEST "act=tools"
SecFilterSelective THE_REQUEST "act=gof"
SecFilterSelective THE_REQUEST "act=ls"
SecFilterSelective THE_REQUEST "act=mk"
SecFilterSelective THE_REQUEST "act=f&"
SecFilterSelective THE_REQUEST "r57"
SecFilterSelective THE_REQUEST "c99"
SecFilterSelective THE_REQUEST "root"
SecFilterSelective THE_REQUEST "chmod"
SecFilterSelective THE_REQUEST "cmd="
SecFilterSelective THE_REQUEST "rush="
SecFilterSelective THE_REQUEST "union"
SecFilterSelective THE_REQUEST "UNION"
SecFilterSelective THE_REQUEST "echr"
SecFilterSelective THE_REQUEST "cp%20"
SecFilterSelective THE_REQUEST "mdir%20"
SecFilterSelective THE_REQUEST "mcd%20"
SecFilterSelective THE_REQUEST "mrd%20"
SecFilterSelective THE_REQUEST "rm%20"
SecFilterSelective THE_REQUEST "mv%20"
SecFilterSelective THE_REQUEST "rmdir"
SecFilterSelective THE_REQUEST "chown"
SecFilterSelective THE_REQUEST "chgrp"
SecFilterSelective THE_REQUEST "locate"
SecFilterSelective THE_REQUEST "grep"
SecFilterSelective THE_REQUEST "diff"
SecFilterSelective THE_REQUEST "passwd"
SecFilterSelective THE_REQUEST "telnet"
SecFilterSelective THE_REQUEST "vi%20"
SecFilterSelective THE_REQUEST "INSERT%20INTO"
SecFilterSelective THE_REQUEST "SELECT%20"
SecFilterSelective THE_REQUEST "nigga"
SecFilterSelective THE_REQUEST "fopen"
SecFilterSelective THE_REQUEST "fwrite"
SecFilter '$path."*"'
</IfModule>
__________________
domain bayiliği
Alıntı ile Cevapla