Modsecurity Joomla friendly rules

Hi all,

I'm using latest modsecurity with default rules plus the gotroot as well but having issues with Joomla sites. Many forbidden access errors throwing in various pages and is impossible to track one by one as I need ages.

Is there a resource with working rules for Joomla sites?

Thanks a lot

There's a commercial set of rules available here (modsecurity.org), but it's a bit pricey; to protect 100 domains the cost is $15,000 per year.

Googling joomla friendly modsecurity rules might give you some information.

Jeff

I've got Joomla 1.5, 1.6, 1.7 and 2.5 running without any issue, are you sure it is a mod_security problem?

There is only one web site on this server and is getting a lot of XSS/SQL attacks. If I disable modsecurity rules the load goes up to 30 and site is going offline. WIth base rules and those from gotroot the load goes straight away down to 1-2 but Joomla got many many issues with articles saving etc. I've disabled many rules but there are so many more which isn't possible to sort it out. This is why I'm looking for something tested. 15k for the rules is very expencive and can't afford this.

Anyone with Joomla friendly rules that care to share?

Thanks

We have also alot of joomla websites running on our servers without any issues, i think it's more an problem with the site than with the rulesets.
I can take a look at the site if you like.

What rules you are using? The default from gotroot?

I dont use the rules from gotroot, but i dont think the ruleset from gotroot will cause an problem on a joomla site. I can be wrong offcourse.. Did you tried the default ruleset of atomic?

I tried both. Can you share your rules please?