I installed mod_security a little while ago and guess what: nothing works anymore.
I mean god, are you guys really that stupid not to test against the major scripts our there? wordpress, joomla !!!! gallery, phpbb, etc, nothing works.
Jesus Christ, what kind of a stupid shit is this? It reminds me of the days I tested various firewalls for window and got into core force.
I’m gonna google for a bit to see if there is any good resolution for this but if not, go screw you guys.
I mean I added like over 10 rules to th exception list according to various findings and nothing, I can’t even post a damn shit.
Posts Tagged ‘security’
mod_security sucks big time
Sunday, November 1st, 2009
Possible DOS attack caught on time
Thursday, October 22nd, 2009My server suddenly went under a very heavy load, similar with a DOS (Denial Of Service) attack. Luckily I was 1 foot away form it and heard the hard-drive working like crazy so I ssh-ed in the server, checked the running processes, noticed it was a high load on mysql (only possible via web), did a netstat, found the offending IP and temporarely -j DROP-ped it out with iptables. the load stopped suddenly so my finding was right.
this is the offending ip: 85.92.222.254
anyone know the guy behind it, hit him hard in the head.
will see if he returns and if he does, the -j DROP will become permanent.
Just for the record I currently have 7 IPs with permanent -j DROP . I should probably remove them since they are pretty old and with the use of DHCP the IPs probably belong to a ton of other people now.
Related posts
Site advertising their security component obviously got hacked
Saturday, July 4th, 2009
Joomsuite hacked
You can see in the attached screenshot how good this component is.
Their video tutorial on the subject is here: http://joomsuite.com/index.php?option=com_resource&controller=article&article=5678&category_id=150&Itemid=135
well, it will be available once they solve their security hole
