Block php file access (modsecurity)

apache-2.2mod-security

How can I block all access to a PHP file? File name is similar to sm6######.php where #### can be any random digit.

How can I do it using mod_sec?

Best Answer

This sounds like a suitable situation for the <FilesMatch > directive, no need for mod_security at all.

<FilesMatch sm6[0-9]+\.php>
  Order Allow,Deny
  Deny from all
</FilesMatch>

Of course, if you don't want anyone to access the file, why not delete it or move it out of the DocumentRoot ?

If you edit your question to include more about who shouldn't be able to access the file I'll update my answer to match.

Related Solutions

Modsecurity: block IP address that visited 404 pages more than 10 times in a minute

Mod_security should already come with some scripts, provided by the OWASP project, which block robots. Have you checked them out? You will have to enable modsecurity_crs_35_bad_robots.conf. You can download the file from the OWASP project site:

https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project

Instructions can be found there as well.

From README:

== base_rules/modsecurity_crs_35_bad_robots.conf ==  Detection of Malicious Robots
    - Unique request attributes: User-Agent header, URL, Headers
    - RBL Check of IP addresses
    - Detection of security scanners
    - Blocking can confuse security testing software (WAFW00f)

ModSecurity not enabled

was able to teak some settings, and correct usage of conf files made it work

Best Answer

Related Solutions

Modsecurity: block IP address that visited 404 pages more than 10 times in a minute

ModSecurity not enabled

Related Topic