ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://forum.configserver.com/

add mod_security ban by error code configuration

https://forum.configserver.com/viewtopic.php?t=690

Page 1 of 1

add mod_security ban by error code configuration

Posted: 06 Aug 2007, 12:29
by wolf
I think it would be extremely useful if csf checked the error code of the audit_log and ban,temp_ban, or ignore based on the error code of the audit_log entry.

eg. permanantly ban any 412 code on 1 connection while temp banning a 403 error code with 5 attempts for X seconds and ignoreing 406 alltogether.

just thought it would add a whole new level of control :)

Posted: 13 Jan 2008, 16:31
by wolf
exactly what code(s) does csf recognize in the mod_security audit logs? seems some codes will trigger it while others wont.

Posted: 17 Jan 2008, 16:51
by chirpy
It uses a regex against the error posted in the apache error_log. You can find the regex in /etc/csf/regex.pm
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited