Category : mod-security2

We are using apache module for our web server(windows OS). We need to prevent unsuccessful authentication attempt by the user. Hence we thought to use Mod Security module. I uses this standard configuration setting in "modsecurity-minimal.conf" as below SecStatusEngine On SecRule IP:bf_block "@eq 1" "id:’2000004′,phase:4,deny, logdata:’Access denied [by IP] IP: @%{REMOTE_ADDR}, user: %{USER.name}’ SecRule USER:bf_block ..

Read more