[Owasp-modsecurity-core-rule-set] Is it possible to use modsecurity rules to prevent logins by specific user accounts?

Mansell, Gary Gary.Mansell at ricardo.com
Mon Mar 14 15:12:45 UTC 2016


Hi,

I have an internal Web application that uses Apache Basic Authentication, checking user account logins against an internal LDAP Server for authentication.

I am now looking to present this Web Application to whitelisted IP's on the Internet, by means of a Reverse Proxy Apache Server in a DMZ with modsecurity enabled and one of the free rulesets to protect the application being abused. Both the Reverse Proxy and the Internal Apache server are configured for https only.

It occurs to me that Administrative users should never be able to login to the Web Application from the via the Reverse Proxy Apache server - I hence wonder if it is possible to use modsecurity on the Reverse Apache server to prevent specific Admin user accounts from logging in to the Web Application?

If so, please can someone point me in the direction of how I might achieve this?

Thanks

Gary



--------------------------------------------------------------------------------------------------------------------------------------------------------------
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are
addressed. If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system.
Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those
of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient). Only Directors
are authorised to enter into legally binding obligations on behalf of Ricardo. Ricardo may monitor outgoing and incoming e-mails and
other telecommunications systems. By replying to this e-mail you give consent to such monitoring. The recipient should check e-mail and
any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail.
"Ricardo" means Ricardo plc and its subsidiary companies.
Ricardo plc is a public limited company registered in England with registered number 00222915.
The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG.
--------------------------------------------------------------------------------------------------------------------------------------------------------------


More information about the Owasp-modsecurity-core-rule-set mailing list