[horde] mod_security

Dick Hoogendijk dick at nagual.st
Sat Jul 9 14:09:41 PDT 2005

I have mod_security in my httpd.conf for quit some time now, but lately
I get more errors, now that I run more php programs.

phpBB2 had issues with rule (a)
mySQL and horde have issues with (b)
and today sending mail from imp to "horde" <horde at lists.horde.org>
did no work (internal webserver error on rule (c)

I can mark them out (like I do now), but that way I loose a lot of
defense against all kinds of php injections.
Does anybody use mod_security too and if so, what are good rules for a
good working mysql / php website?

==--==--== quote mod_security ==--==--==

# =================================================
# Logging GET/POST requests, defending against
# Cross-Site-Scripting and SQL Injection attacks
# =================================================
<IfModule mod_security.c>
    AddHandler application/x-httpd-php .php
    SecAuditEngine On
    SecAuditLog /var/log/apache/audit.log
    SecFilterScanPOST On
    SecFilterEngine On
    SecFilterDefaultAction "deny,log,status:500"
##    SecFilter "<(.|\n)+>"     <---------- rule (a)
##    SecFilter ","		<---------- rule (b)
##    SecFilter "\""		<---------- rule (c)

dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
++ Running FreeBSD 4.11-stable ++ FreeBSD 5.4
+ Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja

More information about the horde mailing list