ModSecurity Comodo rules aren't applied?

vancanneyt

Verified User
Joined
Dec 13, 2012
Messages
85
After installing ModSecurity with:
Code:
./build modsecurity
./build modsecurity_rules
first issue I ran into was in this topic. After fixing that I tried to test if the rules are applied and see if the WAF does its work. I followed the example of the Comodo knowledgebase. But if I test it, it still returns http response code 200 instead of blocking the request. So it seems the WAF is not working...
Anyone an idea what the issue might be?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,255
Location
GMT +7.00
Hello,

For ModSecurity to work with Nginx try and set SecRequestBodyAccess On

You can do it in Directadmin interface at admin level.
 

vancanneyt

Verified User
Joined
Dec 13, 2012
Messages
85
Hello,

For ModSecurity to work with Nginx try and set SecRequestBodyAccess On

You can do it in Directadmin interface at admin level.
It was Off indeed and I changed it in /etc/nginx/nginx-modsecurity.conf and restarted Nginx, test turns out with 403 respons code. Thanks!
 
Top