I’ve been getting hits on a mod-sec html file. I looked at the server logs and found that these were being redirected from one of my login files. My host must have installed Mod Sec while I wasn’t looking and it is sending out a redirect when it discovers bad hits. Mod Sec or ModSecurity is a nifty add-on to Apache that checks web requests for security issues. I was thinking about learning how it works and adding some of my experience in stopping spam to it.
Now, normally this would be a good thing. There are warnings about Mod Sec being overly aggressive, but I like that in a security program. I’d rather block a few people than let someone hack my site. The problem is: I am testing a plugin that does some of the things Mod Sec does, and I can’t test without data. I think the program works just fine, even though it is not catching anything. Mod Sec gets the bad guys first, and this is the reason the plugin is coming up empty.
I have to find a free hosting site that does not have Mod Sec, install WordPress, and see if I can send it some traffic.
In the mean time, my security system scans my web logs for hits on Mod-Sec and adds the ip to the ban list.
I haven’t worked on the main framework of the new Protection plugin for a few months. I worked on it yesterday and I have been consolidating the new code and the Stop Spammers modules into it. I broke it good yesterday and will not be able to work on it again for a few weeks, so I hope I remember what I was working on when I find time again. I don’t know whether to release this as Stop Spammers version 6 or as a new plugin. It is really a totally new plugin that uses loadable PHP classes. The thinking is that I want people to download the modules that that they need from my website and not just install everything. People will be forced to think about what they install, especially if I charge 99ยข for the fancy modules.