Mod_Security Secure Filter Problem

I installed Mod_Security use the tutorial at WebHostGear, and modified the http.conf with info from a related Webhostgear forum thread.

I had a problem with SecFilter "\.\./"

is so everything I have in a folder I am having problems with like parts of my theme

/themes/style.css

Is there a way to Prevent path traversal (..) attacks below my folder level of a virtual host directory level so it would not care about anything above ~, but would stop stuff going to /home or is that taken care of with SecFilter /lib/ or /tmp ?

Any help would be appreciated

 

 

 

 

Top