Typo3 Fileadmin mod_evasive false positive

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Typo3 Fileadmin mod_evasive false positive

Unread post by BruceLee »

Hi guys,

like always Typo3 sucks :)
Fileadmin listing leads to a blacklisting due to mod_evasive since a lot of files are in the directory. the rule triggered is: https://www.atomicorp.com/wiki/index.php/HIDS_60205
How to get this running in a secure manner? Setting higher limit only "works" depending on dir size/ amount of files. Other dir needs another higher limit bacause of more files. In the end I would have to set so high that mod_evasive would be annuled.

How can I keep it secure but not have the customers blacklisting. Right now Typo3 is unusable due to that.
Thanks a lot.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: Typo3 Fileadmin mod_evasive false positive

Unread post by scott »

If you look at the Solutions section on https://www.atomicorp.com/wiki/index.php/HIDS_60205 the 3 options are covered there in detail.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Re: Typo3 Fileadmin mod_evasive false positive

Unread post by BruceLee »

thanks a lot. Only tweaking of mod_evasive left. Option 2 is not working due to DHCP Carrier IP. Option 3 is a no-go for me :)
Post Reply