People connecting to my server who have badly infected computers [on hold] The 2019 Stack Overflow Developer Survey Results Are InConnecting to Internet Through Another Computers ConnectionSharing server to several computers at homeubuntu 12.04 lts secure lamp serverOpenSSH: hacked before set up?Ubuntu 16.04 LTS, ZFS, SWRAID and mentoring inquiriesHow can I safely allow a php based website to create a linux user and interact with the environment?How to use software installed on another computer?Dealing with a malware infected server (VPS)Team dev members can't access ssh root@[ip]Ubuntu 18.04.1 Server not connecting to internet from VirtualBox
Identify boardgame from Big movie
Loose spokes after only a few rides
Resizing object distorts it (Illustrator CC 2018)
Is "plugging out" electronic devices an American expression?
What do hard-Brexiteers want with respect to the Irish border?
What does Linus Torvalds mean when he says that Git "never ever" tracks a file?
Why do UK politicians seemingly ignore opinion polls on Brexit?
If a Druid sees an animal’s corpse, can they Wild Shape into that animal?
Is bread bad for ducks?
Why is the maximum length of OpenWrt’s root password 8 characters?
Which Sci-Fi work first showed weapon of galactic-scale mass destruction?
Can we generate random numbers using irrational numbers like π and e?
Did Section 31 appear in Star Trek: The Next Generation?
Output the Arecibo Message
Can a rogue use sneak attack with weapons that have the thrown property even if they are not thrown?
How come people say “Would of”?
A poker game description that does not feel gimmicky
What is the motivation for a law requiring 2 parties to consent for recording a conversation
Have you ever entered Singapore using a different passport or name?
Protecting Dualbooting Windows from dangerous code (like rm -rf)
Button changing it's text & action. Good or terrible?
For what reasons would an animal species NOT cross a *horizontal* land bridge?
What do the Banks children have against barley water?
The difference between dialogue marks
People connecting to my server who have badly infected computers [on hold]
The 2019 Stack Overflow Developer Survey Results Are InConnecting to Internet Through Another Computers ConnectionSharing server to several computers at homeubuntu 12.04 lts secure lamp serverOpenSSH: hacked before set up?Ubuntu 16.04 LTS, ZFS, SWRAID and mentoring inquiriesHow can I safely allow a php based website to create a linux user and interact with the environment?How to use software installed on another computer?Dealing with a malware infected server (VPS)Team dev members can't access ssh root@[ip]Ubuntu 18.04.1 Server not connecting to internet from VirtualBox
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.
Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?
These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.
However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.
A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.
That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?
I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.
Thank you
server
asked 2 days ago
User6655User6655
665
put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago
Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.
Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?
These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.
However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.
A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.
That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?
I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.
Thank you
server
asked 2 days ago
User6655User6655
665
put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago
Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.
1
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
1
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago
add a comment |
I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.
Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?
These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.
However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.
A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.
That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?
I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.
Thank you
server
asked 2 days ago
User6655User6655
665
I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.
Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?
These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.
However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.
A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.
That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?
I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.
Thank you
server
server
asked 2 days ago
User6655User6655
665
asked 2 days ago
User6655User6655
665
edited 2 days ago
User6655
asked 2 days ago
User6655User6655
665
asked 2 days ago
User6655User6655
665
asked 2 days ago
User6655User6655
665
665
put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago
Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.
put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago
Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.
1
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
1
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago
add a comment |
1
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
1
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago
1
1
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
1
1
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago
add a comment |
0
active
oldest
votes
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
1
It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.
– earthmeLon
2 days ago
P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)
– earthmeLon
2 days ago
1
It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.
– LeonidMew
2 days ago
LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.
– User6655
2 days ago
Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.
– crip659
2 days ago