theme-edit, mod_security and xss injection attacks

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Thread Modes

theme-edit, mod_security and xss injection attacks

shawn_a Offline

Lead Developer

Posts: 6,266
Threads: 181
Joined: Sep 2011

2011-09-15, 23:50:27

If your host allows it, you can override mod_security per .htaccess file.

This for example will disable it based on a specific IP match and if POST data.

SetEnvIf Remote_Addr ^xxx\.xxx\.xxx\.xxx$ MODSEC_ENABLE=Off
SetEnvIf Request_Method !^POST$ MODSEC_ENABLE=On

If not then you may have to get your host to allow a whitelist.

There are ways which you can then specify unique ids or files to include or exclude.

NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix

Website Find

« Next Oldest | Next Newest »

Messages In This Thread

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-14, 23:40:30

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-14, 23:52:50

theme-edit, mod_security and xss injection attacks - by yojoe - 2011-09-15, 17:36:29

theme-edit, mod_security and xss injection attacks - by shawn_a - 2011-09-15, 23:50:27

View a Printable Version

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me