Custom Rules for a Script

Community support forums for the free/delayed modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the delayed modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
kralso
New Forum User
New Forum User
Posts: 1
Joined: Thu Jul 28, 2011 3:07 pm
Location: Indonesia

Custom Rules for a Script

Unread post by kralso »

Hi,

I've tried to make a custom rules but always failing to do a good job :oops:

I'm trying to make a rule for mod_sec to prevent a certain cgi-telnet (the one from rohitab.com) script to be launched with no avail. Is this possible to do with mod_sec ?

I want to do this due an attack to my server using symlink via that cgi-telnet script. The attacker always change the script name and extension in each and every attack.

Help please and thank you in advance :)
Post Reply