Recent Posts

Force download files using php...
Password protect pages using javascript...
Simple Ajax with PHP click tracker...
Warning: session_start(): Cannot send session cook...
Adding a draggable div along with the cursor using...
Expand and collapse toggle div using jquery...
Simple Pagination Using PHP Script...
Simple PHP Captcha Image Verification or Validatio...
How to get the query string value in perl cgi scri...
Upload Your Scripts For Free...
How to run CGI or Perl Scripts in IBM Http Server ...
Include files in php using include, include_once, ...
Load Another Webpage Content Using Simple Jquery...
Changing link style properties using css ...
View webpage source using javascript...
Write data to a page using javascript...
Simple Javascript Clock...
Slideshow using jquery...
Get youtube video screenshot using simple php and ...
Disable submit button on form submit...
Jquery Basics, How to use jquery?...
Replacing images with time intervals using jquery...
The thrilling potential of sixth sense technology...
Auto refresh page with timer using javascript...
Learn CSS Basics Very Simple Tutorial...
CSS or Table?...
PHP Most Potentially Dangerous Feature, Secure It ...
Loading swf file from another server using crossdo...
Disable the TRACE and TRACK For More Security...
Speed up wordpress using .htaccess part 2...
How to create and use google robots.txt simple tri...
Speed up wordpress using .htaccess part 1...
WordPress Vulnerability...
Wordpress mysql injection permalink, wp 2.8 versio...
Words Validation with Javascript...
How to get your deleted files back using google de...
How to avoid direct access to a file in php...
Search Engine Friendly URL Using mod_rewrite...
How To Avoid 404 Error Pages Easily and Reliably...
Simple php watermark script...
Create thumbnail using php and gd library...
mod_security the Apache Module, The Apache Firewal...
Using no-cache for Stop Caching in Firefox and Int...
How to split a word or sentence delimited with sla...
File System Reference In PHP...
Find Absolute Path Of A File Or Directory Using PH...
Close Event In Javascript Using OnUnload()...
Close Event In Javascript For Firefox, IE and Chro...
Shell Scripts Part 2...
Shell Scripts Part 1...
Simple shell script to FTP file from your Desktop ...
Right Click Context Menu In Flash Movie Simple Met...
Custom Error Pages Using .htaccess...
Disabling right click menu using javascript Enhanc...
Pass PHP Value To Javascript...
How To Set And Get Cookies Using PHP...
Fix 500 Internal Server Error In Wordpress...
Change background color using php for a webpage...
Simple Code To Set And Retrieve Cookie Using PHP...
Simple XML Reading Using PHP...
Simple CSS Dropdown Menu...
Passing variables from javascript to php...
Append data to a text file using php...
Post Data To Another Website Using cURL In PHP...
Store Data In Remote DataBase Using cUrl or Execut...
Login to yahoo using cUrl in php...
Enabling curl on XAMPP for Windows...
LED Display or Scrolling text using javascript...
Secure PHP Scripts...
MD5 Function and Unique ID in php...
Javascript setTimeout() Tricks...
PHP is not executed and source visible...
Displaying or changing images each day...
How to install XAMPP...
.htaccess some facts and rules...
Fix the problem in getting 500 Internal Server Err...
Caching of images using javascript image object...
Simple Javascript Slideshow...
Url rewriting examples using .htaccess...
Display Tags in wordpress...
How to display popular posts in wordpress ...
Simple file upload script using php...
Simple PHP mail Script...
Appending string using php to a text file...
Get IP address using gethostbyname() function...
Simple PHP Login Script...
Recuva best file recovery software...
Simple Calendar Script Using Javascript...
Arrays In PHP...
JAVA Simple Tutorial Part-I ...
Windows XP shortcuts for interner explorer, excel ...
Php mysql example image gallery blob storage...
Caching of web page using php...
How to create random passwords using php...
Hit counter using php...
How to close a child window from a parent window u...
Adding and removing child nodes using javascript a...
Use of crossdomain.xml in flash...
Creating a simple class file using PHP...
Add to favorites or bookmarking using javascript i...
This Post Has Been Viewed 289 Times.

mod_security the Apache Module, The Apache Firewall blocking your website?

Posted by admin | Posted in Apache | Posted on 05-07-2009

0

The reason behind this findings is simple.One of my website which should be up and running everyday without fail was pulling my legs for the past 7 days because it always goes down at one time or another after posting or deleting some topics or something related to that was done.I raised a ticket on my web hosting provider and they told some firewall is blocking my IP.Then i realized that their is some culprit in between my webserver and the enduser.It is the apache module mod_security which is very powerful and we can install it with the webservers of apache easily.So the next step was that i want to disable this guy for my users otherwise they will experience NetWork Time Out or 500ISE[Internal Server Error] or even 406 HTTP error.

This is a very nice module that acts as an Apache firewall - it blocks a lot of the usual routes that people use to hack websites. In particular it scans POST requests (sent when you ’save’ something on a website’), and displays a 406 error for anything controversial.

The solution was very simple. The following lines were added to the .htaccess file to disable mod_security:

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

Naturally you loose any benefits that mod_security might bring, but that’s better than a non-functioning website, and you can always ask for the security configuration to be toned down to a more acceptable level.

Disable mod_security in .htaccess file

  1. If you do not have one yet, an .htaccess file in the folder of your web application
  2. To disable mod_security COMPLETELY, add the following line to the .htaccess file:
  3. <IfModule mod_security.c>
  4. SecFilterEngine Off

    OR, to disable HTTP POST scanning only, use the following instead:
    SecFilterScanPOST Off

  5. </IfModule>
  6. Save the file and test your web application to check whether disabling mod_security has solved your problem.

After a day long googling i found out the culprit that was not allowing me to access my website.I think i have fixed my issue and i think u also have found out the real culprit behind your access issue.

VN:F [1.5.7_846]
Rating: 10.0/10 (1 vote cast)
VN:F [1.5.7_846]
Rating: 0 (from 0 votes)
Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
  • De.lirio.us
  • Xerpi

Related posts:

  1. Adding Handlers Directly In httpd.conf Of Apache
  2. Adding apache handlers in cpanel
  3. Disable the TRACE and TRACK For More Security
  4. Speed up wordpress using .htaccess part 1
  5. Custom Error Pages Using .htaccess
  6. How to run CGI or Perl Scripts in IBM Http Server [IHS] or Apache Servers
  7. Fix 500 Internal Server Error In Wordpress

Write a comment

Spam Protected