Mod_Security and Joomla specifically OWASP

Need help with the Administration of your Joomla! 2.5 site? This is the spot for you.

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
microchipmatt
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Tue Dec 17, 2013 9:05 pm

Mod_Security and Joomla specifically OWASP

Post by microchipmatt » Tue Dec 17, 2013 9:08 pm

For those that are using mod_security, have you used the OWASP Core rule set? did it pose any large issues, in regards to your joomla install...Unexpleceted legitmarte blocks, joomla accessing sql etc?

 
User avatar
reggaebkk
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 113
Joined: Mon Jul 14, 2008 1:39 pm

Re: Mod_Security and Joomla specifically OWASP

Post by reggaebkk » Tue Apr 07, 2015 3:10 pm

Hi, I will post in here because it seems very related and there's no reply.

I've been reading a lot about mod security rule sets recently because I am trying to block unknown bots better.

I have read a lot of posts regarding the use of owasp atomic and comodo rules and it seems that they used to have a lot of problems with joomla but I am unsure if this has improved because all posts on all websites are at least 6 months old.

Does anyone know which set of rules would help best to block bad bots without giving headaches with Joomla 3?

It seems atomic is not free anymore, so it leaves me with comodo or owasp... or is there another, better? more compatible with Joomla?

User avatar
railer
Joomla! Explorer
Joomla! Explorer
Posts: 282
Joined: Mon Feb 27, 2006 7:52 pm

Re: Mod_Security and Joomla specifically OWASP

Post by railer » Mon Jun 27, 2016 10:41 pm

Yes, I tried using the core set and I wasn't able to save articles. Just get bounced back to the home page. Did some tests and disabled all and saving worked.
Then re-enabled each one by one and this set caused problems:
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf

But after about 10 minutes of editing, got the same problem again. So I disabled them all for the time being.

Could use some definitive comments on what sets are compatible with Joomla. I don't see anything in my error logs. Will keep dabbling with it.

 

Locked

Return to “Administration Joomla! 2.5”