Mod_sec causing problems

Hey

A client of mine is having problems running there free image host on my server.

I know its a security risk, but what should be enabled and disabled in these mod_security rules?

<IfModule mod_security.c>
SecFilterEngine on
SecFilterCheckURLEncoding On
SecFilterForceByteRange 0 255
SecAuditEngine RelevantOnly
SecAuditLog /var/log/httpd/audiot_log
SecFilterDebugLog logs/modsec_debug_log
SecFilterDebugLevel 0
SecFilterScanPOST On
SecFilterDefaultAction "deny,log,status:406"
SecFilter "viewtopic\.php\?" chain
SecFilter "chr\(([0-9]{1,3})\)" "deny,log,status:50"
SecFilter /boot
SecFilter /dev
SecFilter /etc
SecFilter /initrd
SecFilter /lib
SecFilter /lost+found
SecFilter /misc
SecFilter /mnt
SecFilter /proc
SecFilter /root
SecFilter /sbin
SecFilter /scripts
SecFilter /tmp
SecFilter /usr/local/apache
SecFilter /usr/local/cpanel
SecFilter /usr/local/mysql
SecFilter /var

SecFilter /boot/
SecFilter /dev/
SecFilter /etc/
SecFilter /initrd/
SecFilter /lib/
SecFilter /lost+found/
SecFilter /misc/
SecFilter /mnt/
SecFilter /proc/
SecFilter /root/
SecFilter /sbin/
SecFilter /scripts/
SecFilter /tmp/
SecFilter /usr/local/apache/
SecFilter /usr/local/cpanel/
SecFilter /usr/local/mysql/
SecFilter /var/

SecFilter /bin/cc
SecFilter /bin/gcc

SecFilter "\.\./"
SecFilter "<[[Mod_sec causing problemspace:]]*script"
SecFilter "<(.|\n)+>"
SecFilter "delete[[Mod_sec causing problemspace:]]+from"
SecFilter "insert[[Mod_sec causing problemspace:]]+into"
SecFilter "select.+from"


</IfModule>

Thanks.

 

 

 

 

Top