Comments on: An introduction to mod_security

By: Nancy W

Nancy W — Sat, 10 May 2008 23:14:29 +0000

Well, better late than never. In looking at my lists, I see that I could stop a good portion of the attacks if I can filter out double slashes (other than the forts one - http://…;). How would you write such a rule?

By: ProNet

ProNet — Wed, 08 Feb 2006 18:25:33 +0000

mod_security for protecting your blog

In light of the coverage that the Register’s interview with a link spammer is getting, it’s worth reviewing some of the host-level changes that can be made to protect against these attacks. Foremost among the options is mod_security. You can…

By: FreeTechieGuide

FreeTechieGuide — Wed, 07 Dec 2005 16:41:06 +0000

Great explanation. I might be able to use this once I switched to a dynamic site.

Thanks a lot.

By: Charles Mac Lane

Charles Mac Lane — Sun, 12 Jun 2005 18:10:02 +0000

Great presentation. mod_security is really powerfull against spam. Its fonctionnality can satisfy many people… But Don’t forget to ask your ISP before try to use it.

By: david-s.net

david-s.net — Wed, 11 May 2005 05:10:06 +0000

When mod_security attacks

The fine people over at TextDrive run ModSecurity on their Apache servers. ModSecurity takes care of filtering out most evil comment spammers requests before they even have a chance to actually hit the applications running on the server (i.e. WordPress…

By: Flashes of Panic

Flashes of Panic — Fri, 15 Apr 2005 16:39:17 +0000

Clearing the cruft

You’ll remember that I [have constructed]¹, over some months, a dense and convoluted .htaccess file using mod_rewrite, mod_access, and mod_setenvif.

By: Spam Huntress » Blog Archive » Blocking the xmix spammer

Spam Huntress » Blog Archive » Blocking the xmix spammer — Thu, 07 Apr 2005 09:28:12 +0000

[...] Update The block below doesn’t work on my server. But check this page: http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/ [...]

By: Andy Budd

Andy Budd — Mon, 07 Feb 2005 17:04:50 +0000

There is already a module originally designed to fight DDoS attacks. By modifying the thresholds on this module, it can be used to block IP addresses that try to flood with comments or referrals too fast.

I wonder if this could also be used to prevent dictionary based hacking attempts.

By: Ravi

Ravi — Thu, 03 Feb 2005 17:31:27 +0000

Nice article, and an excellent description of the mod_security functionality.

By: WebMaster View

WebMaster View — Tue, 01 Feb 2005 11:38:22 +0000

mod_security and Comment spam

Using mod_security to kill comment spam.