L
Limedrink
Guest
Yes, it has been mounted and secured that way for years.
Any other ideas?
Thanks again.
Limedrink.
Any other ideas?
Thanks again.
Limedrink.
#really broad furl_fopen attack sig
#tune this for your system
SecFilterSelective REQUEST_URI "!(/tiki-objectpermissions|aardvarkts/install/index|/do_command|banner_click|wp-login|tiki-view_cache|/horde/index|/horde/services/go|/goto|gallery2?/main|ad-?server/adjs)" "chain,id:300018,rev:3,severity:2,msg:'Generic PHP code injection protection via ARGS'"
SecFilterSelective REQUEST_URI "\.php(3|4|5)?(\?|&)" chain
SecFilterSelective ARGS "(ht|f)tps?:/" chain
SecFilterSelective HTTP_Referer "!/imp/login\.php"
SecFilterSelective REQUEST_URI "!(/tiki-objectpermissions|aardvarkts/install/index|/do_command|banner_click|wp-login|tiki-view_cache|/horde/index|/horde/services/go|/goto|gallery2?/main|ad-?server/adjs)" "chain,id:300040,rev:1,severity:2,msg:'Generic PHP code injection protection in URI'"
SecFilterSelective REQUEST_URI "\.php(3|4|5)?(\?|&).*=(ht|f)tps?:/" chain
SecFilterSelective HTTP_Referer "!/imp/login\.php"