mod_security + phpMyAdmin

A few days ago I had a terrible problem with installed ModSecurity and phpMyAdmin. Basically the problem is that koreneše, the security module was rekuestovete of phpMyadmin-a as sql injection attacks. The solution is trivial again just for files of phpmyadmin-a except mačvaneto the rules. Modsecurity rules on them. d/modsecurity_localrules. which is located in the conf folder of apache server. Here are the rules.

<LocationMatch “/phpmyadmin/tbl_change.php”>
SecRuleEngine Off
</LocationMatch>

<LocationMatch “/phpmyadmin/sql.php”>
SecRuleEngine Off
</LocationMatch>

<LocationMatch “/phpmyadmin/managecontent.php”>
SecRuleEngine Off
</LocationMatch>

<LocationMatch “/phpmyadmin/import.php”>
SecRuleEngine Off
</LocationMatch>

<LocationMatch “/phpmyadmin/tbl_select.php”>
SecRuleEngine Off
</LocationMatch>

<LocationMatch “/phpmyadmin/tbl_replace.php”>
SecRuleEngine Off
</LocationMatch>

leave a reply

Your email address will not be published. Required fields are marked *

anti SPAM *