I want to scan the file downloads with mod-security. Is it possible to do this? I could not find any way of doing it. File upload scanning is feasible but how to do scanning of downloads?
Related Questions in APACHE
- Special access rule in an .htaccess file for IP addresses, authorized only for one directory structure
- How to isolate PHP apps from each other on a local machine(Windows or Linux)?
- Cannot load modules/mod_dav_svn.so into server
- How to ignore case in regexp mapping in a .htaccess rewrite rule?
- Oracle Http server ISNT-07551
- I cant access file directory with PHP local host on XAMPP. it just shows one of the files I have in my visual studio code
- Apache Reverse Proxy: only one proxy directive is working. Second one is ignored
- Issue with Django --> Apache WSGI deployment
- changing the node version used by apache web server
- Apache: How can I redirect to a subfolder with a URL param but serve required content via the main URL?
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- Set up MX records in apache/Ubuntu to point to external mail server
- How to proxy to another port?
- Php can not upload file out of /var/www/html even after disabling Selinux
- Serve static site on S3 + CloudFlare with Apache retaining the source URL
Related Questions in MOD-SECURITY
- Apache2 Modsecurity configuration file error
- Can we use back-references with Modsecurity 2.9 rsub operator?
- Mod Security IIS 10 is blocking PHP interacation even in DetectionOnly
- Is ModSecurity 2.9 able to perform censorship ? (change the response body)
- SecRule REQUEST_HEADERS:Content-Type to parse XML & JSON for Ingress k8s
- ModSecurity with OWASP-CRS blocks ERDDAP queries containing '(' and ')' characters
- mTLS with Apache proxy and many user certs?
- Modsecurity blocks my legit POST request (403 forbidden)
- Wordpress open accordion code snippet. Request failed with status code 418 on dreamhost
- Cannot access XML element within a namespace using ModSecurity
- Chained rule not working in ModSecurity/Coraza
- Rate limit on a per-IP basis using ModSecurity
- Mixing logical OR and AND in ModSecurity/Coraza
- ModSecurity rule to find JSON value in request body
- OWASP ModSecurity 2.9 on IIS Causing 403 Forbidden
Related Questions in MOD-SECURITY2
- Fine-tuning mod_security rule 942100
- How to prevent duplicate requests in apache2
- Getting ModSecurity: Access denied with code 44 on Laravel Form Submit
- How do I use ModSecurity's transformation function to encode the request_body
- Modsecurity block Google tag manager iframe
- Modsecurity Custom Lua Rule Not Capturing REQUEST_HEADERS
- Modsecurity block access from all countries except from a specific IP or specific remote host
- Keycloak with mod-security
- How to block based on request content to a specific file?
- Allow Mod-Security for request uri
- How to install Modsecurity 2.9.6 on Debian 11 with Apache2?
- `http.service` fail to start with `exit-code` or `protocol`
- Modsecurity V3.0: OpenLiteSpped how to block cookie
- administer wordpress despite 406 blocks from modsecurity
- configure: error: unrecognized option: `--add-dynamic-module=/usr/local/src/ModSecurity-nginx'
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Yes it's possible to do this.
Look at SecResponseBodyAccess and SecResponseMimeType. Note however that only text files are really useful to check. PDFs and other documents which contain binary data lead to many false positives.