Search found 3 matches
- Thu Jul 25, 2013 2:44 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Realtime security rules on IIS
- Replies: 7
- Views: 13025
Re: Realtime security rules on IIS
Makes sense. Thanks! I'd bet some of those were Joomla specific exceptions, so I'm going to have to check and see if any of those sites are broken or partly broken...not a biggie So...I commented all those out but seeing this a lot in the windows application log: 1) ModSecurity: ipMatch Internal Err...
- Wed Jul 24, 2013 3:09 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Realtime security rules on IIS
- Replies: 7
- Views: 13025
Re: Realtime security rules on IIS
Yes, that's because IIS doesn't understand LocationMatch. Just comment those out. We'll be putting out an IIS specific ruleset shortly that doesnt include them. Thanks! is there a workaround? I'm more than a little concerned about potential security vulnerabilities arising from disabling those rule...
- Wed Jul 24, 2013 1:22 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Realtime security rules on IIS
- Replies: 7
- Views: 13025
Realtime security rules on IIS
Modsecurity newbie here... I have installed modsecurity on iis 7.5 and got the default modescurity rules (including owasp crs ruleset) working. However they were too restrictive for a couple of Joomla sites. So the Atomicorp paid subscription version of the looked like the perfect solution so I sign...