Thank you for the great contents you deliver through your channel. You can check if it works from the modsecurity log, it will show the requests that waf blocked or detected and the details of these requests
@Bluek3092 жыл бұрын
great tutorial, i setup modsec to implement as a solution for a vulnerable web app and makes everything secure by just deploying the WAF, i have seen a lot of your videos and you teach quality tools for security!! keep up the good work!!
@ActiveXSploit3 жыл бұрын
Good to see you are back
@mbm60483 жыл бұрын
The Boss is back !!! ♥️
@LaraGastaldi3 ай бұрын
thank you so much! loved the documentation :)
@ramsudhan80943 жыл бұрын
After a long time. Informative come back!!!
@fenneccyber2 ай бұрын
hi please help me with my problem, when I apply this module my website becomes text only without images or order or anything , do you know what is it and how to fix it?
@OhReallyHuman Жыл бұрын
Having an error here sir: systemctl restart apache2 (after all the configurations) returns an error. after inspecting, I found out using the journalctl that the webserver will refuse to start with an Unknown variable: &MULTIPART_PART_HEADERS error. I temporarily deleted the file rules/REQUEST-922-MULTIPART-ATTACK.conf as a workaround. Apache now starts normally, but I am wary because now the rules are incomplete. modsecurity2 version is 2.9.5 (I followed your commands in this video). Has anyone found a solution to this? Anyway sir, your tutorials are great, as always! Learned a lot. :)
@azkamustofa1768 Жыл бұрын
me too
@fastpanda Жыл бұрын
You got two options. A) Update your mod-security module to version 2.9.6 or 3.0.8 (or versions with backported patches), Or, B) remove file REQUEST-922-MULTIPART-ATTACK.conf from /usr/share/modsecurity-crs/rules folder (Or don't remove just rename to something else). It should work.
@GaNgStAdoog2 жыл бұрын
What if I do not have phpmyadmin, where to add config then? Thank you
@Thivagar-f9m8 ай бұрын
thank you super explanation
@rationalism_communism2 жыл бұрын
i have a reverse proxy with nginx if someone access my apache site through nginx reverse proxy which is normal but does somebody actually have to access the apache2 site directly for modsecurity to work or people can still access nginx reverse proxy to my site(apache2) and will modsecurity still work. thanks.
@KomalGuram8 ай бұрын
I have question: On installation of latest version of modsecurity, owasp rules are present in usr/share/modsecurity-crs dir then why it is required to replace with the owasp rules available on git repository? i even found version difference for installed modsecurity rules & git clone owasp rules, if i am not wrong its always safe to use latest version.
@realhomy3 жыл бұрын
thanks for the video
@mauriciogasca9778 Жыл бұрын
Gracias, excelente tutorial.
@Cris-xk5fq2 жыл бұрын
Great tutorial
@technicalresi545111 ай бұрын
Very nice sir 😊❤ thank you so much sar 😊❤
@labeveryday52793 жыл бұрын
Awesome loved it!
@davitorres86843 жыл бұрын
Hello Alexis. Thank you for the high-quality content of your videos. I implemented the mentioned Security Mode using those rules from the CoreRulesSet but I am having one issue with WordPress. The site continues to work well but if I log in and try to make any change or any post or page it blocks. Is there any exception rule or a specific set of rules for WordPress? Thank you!
@8080VB3 жыл бұрын
You better contact him on discord . He rarely replies on yt
@simple-security3 жыл бұрын
You’ll need to learn how to read the logs and then create exceptions in the modsec conf file.
@djebabliazakaria45932 жыл бұрын
How People Get Infected With Malicious Word Document': kzbin.info/www/bejne/e167lJKYht56aMU
@sarangasgekar5359 Жыл бұрын
Can we create apache on different machine and modsecurity on another machine ?
@yurafinzi Жыл бұрын
Hello Sir, I have followed the instruction until the time 14:58, and the next step is to restart apache2, when I did this, I got this error "Syntax error on line 43 of /usr/share/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Error creating rule: Unknown variable: &MULTIPART_PART_HEADERS", can you help me, how can I solve it? thanks in advance
@fearvalue1441 Жыл бұрын
same issue
@franciscochavez21643 ай бұрын
You can try this command: apachectl configtest It tells you more information about sintax error. It might be something mispelled in your configuration file. I had a similar issues.
@Z3R0RON3 жыл бұрын
Can this block an automated sqlmap injection running from Kali machine?
@adminids2157 Жыл бұрын
Any tutorial modsec in IIS 10?
@anmolvijwani65852 жыл бұрын
How to prevent csrf attacks on apache ws
@TubeKens Жыл бұрын
in "/etc/modsecurity/modsecurity.conf" SecStatusEngine is set to "On" curiously I get this error in apache2 log: "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On"
@cyberhat673 жыл бұрын
Love you bro ❤️
@lucatrabalza21383 жыл бұрын
very good video!
@ilyassgamra94853 жыл бұрын
hello is this modsecurity3 or the old version
@s.aravindh62273 жыл бұрын
Nice video bro 👍👍
@denniscastaneda75033 жыл бұрын
nice tuttorial
@cryptodoomer28552 жыл бұрын
Thanks bro
@VRT-y3f2 жыл бұрын
Спасибо!
@theway40202 жыл бұрын
Any help matey? May 24 17:08:27 cn01-desktop systemd[1]: Starting The Apache HTTP Server... May 24 17:08:28 cn01-desktop apachectl[286847]: apache2: Syntax error on line 231 of /etc/apache2/apache2.conf: Syntax error on line 36 of /etc/apache2/sites-enabled/000-default.conf: without matching section May 24 17:08:28 cn01-desktop apachectl[286844]: Action 'start' failed. May 24 17:08:28 cn01-desktop apachectl[286844]: The Apache error log may have more information. May 24 17:08:28 cn01-desktop systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE May 24 17:08:28 cn01-desktop systemd[1]: apache2.service: Failed with result 'exit-code'. May 24 17:08:28 cn01-desktop systemd[1]: Failed to start The Apache HTTP Server.
@HackerSploit2 жыл бұрын
Check for a syntax error in the /etc/apache2/apache2.conf file in line 231 and line 36 in the /etc/apache2/sites-enabled/000-default.conf file.
@theway40202 жыл бұрын
@@HackerSploit The syntax error is the I inserted as you advised. As follows in both files using vim function: ____ ONE The file: /etc/apache2/apache2.conf Inserted: include /etc/phpmyadmin/apache.conf Include /usr/share/modsecurity-crs/crs-setup.conf Include /usr/share/modsecurity-crs/rules/*.conf _____ TWO The file: /etc/apache2/sites-enabled/000-default.conf Inserted: Include /usr/share/modsecurity-crs/crs-setup.conf Include /usr/share/modsecurity-crs/rules/*.conf I followed your method to the letter. What can I use to correct this syntax error any tools. Do you have any educational material for syntax understanding. Yours
@dayank.r2808 Жыл бұрын
have u solved it bro?
@yurafinzi Жыл бұрын
@@dayank.r2808 I think I got the same problem, have you solved it?
@realhomy3 жыл бұрын
yessir
@humzaahmed93443 жыл бұрын
I have got an error
@8080VB3 жыл бұрын
Solved?
@humzaahmed93443 жыл бұрын
@@8080VB yes I have thank you.
@8080VB3 жыл бұрын
@@humzaahmed9344 good
@ceaser93773 жыл бұрын
I'm first here too!
@abhijiths86710 ай бұрын
Apache2 not starting: AH00526: Syntax error on line 43 of /etc/modsecurity/rules/REQUEST-922-MULTIPART-ATTACK.conf