ModSecurity

From Crypto++ Wiki
Jump to navigation Jump to search

ModSecurity or mod_security or is an OWASP security module that provides generic attack detection rules for use with a Web Application Firewall. The Crypto++ web server and wiki uses ModSecurity to help control attacks on the web server.

Sometimes ModSecurity will stop an author from updating a wiki page and return an error. Often, the page will have two or more dashes, like --. The page Keys and Formats is a good example of a page that is hard to update. Trying to save the page often results in a 403 Forbidden.

When you encounter a 403 Forbidden when updating a wiki page, you have to disable ModSecurity, save the page, and then re-enable ModSecurity. To disable ModSecurity perform the following commands as root:

a2dismod security2
systemctl restart apache2

Once a page is saved, re-enable ModSecurity with the following commands as root:

a2enmod security2
systemctl restart apache2