need advice on mod_security config
I will be very greatful if someone could give me advice on the followings:
Is the following addition to mod_security sufficient??
If not what else would you add??
===========================
# WEB-ATTACKS wget command attempt
SecFilterSelective THE_REQUEST "wget "
# WEB-ATTACKS uname -a command attempt
SecFilterSelective THE_REQUEST "uname -a"
# WEB-ATTACKS .htgroup access
SecFilterSelective THE_REQUEST "\.htgroup"
# WEB-ATTACKS .htaccess access
SecFilterSelective THE_REQUEST "\.htaccess"
# WEB-CLIENT Javascript URL host spoofing attempt
SecFilter "javascript\://"
# WEB-MISC cross site scripting \(img src=javascript\) attempt
SecFilter "img src=javascript"
# WEB-MISC cd..
SecFilterSelective THE_REQUEST "cd\.\."
# WEB-MISC ///cgi-bin access
SecFilterSelective THE_REQUEST "///cgi-bin"
# WEB-MISC /cgi-bin/// access
SecFilterSelective THE_REQUEST "/cgi-bin///"
# WEB-MISC /~root access
SecFilterSelective THE_REQUEST "/~root"
# WEB-MISC /~ftp access
SecFilterSelective THE_REQUEST "/~ftp"
# WEB-MISC htgrep attempt
SecFilterSelective THE_REQUEST "/htgrep" chain
SecFilter "hdr=/"
# WEB-MISC htgrep access
SecFilterSelective THE_REQUEST "/htgrep" log,pass
# WEB-MISC .history access
SecFilterSelective THE_REQUEST "/\.history"
# WEB-MISC .bash_history access
SecFilterSelective THE_REQUEST "/\.bash_history"
# WEB-MISC /~nobody access
SecFilterSelective THE_REQUEST "/~nobody"
# WEB-PHP PHP-Wiki cross site scripting attempt
==================================
Thanks in advance
