Looking for cms-related rules
Posted: Wed Jan 28, 2015 4:12 am
Hi,
I'm trying out the Atomicorp mod_security rules with nginx, and I have enabled the recommended basic rules.
I am however looking for rules specific to out-of-date CMS-applications, namely Wordpress. I want to protect sites against for example the recent revslider and symbosium vulnerabilities. I have tried out the revslider exploit on a vulnerable site however this attack is not blocked. I've done a grep on "revslider" in the rule-files however I could not find this string, so I'm not sure which rules I should enable to protect Wordpress websites against out-of-date plugins.
Could you point me in the right direction?
Thanks!
- Niels
I'm trying out the Atomicorp mod_security rules with nginx, and I have enabled the recommended basic rules.
I am however looking for rules specific to out-of-date CMS-applications, namely Wordpress. I want to protect sites against for example the recent revslider and symbosium vulnerabilities. I have tried out the revslider exploit on a vulnerable site however this attack is not blocked. I've done a grep on "revslider" in the rule-files however I could not find this string, so I'm not sure which rules I should enable to protect Wordpress websites against out-of-date plugins.
Could you point me in the right direction?
Thanks!
- Niels