I am running nextcloud AIO with reverse proxy. I want to configure modsecurity how is it possible? I just want to configure a rule where a url is blocked if accessed from a specific ip range.
Hi, I dont know much about modsecurity but you could potentially use this community container which allows to do geoblocking: all-in-one/community-containers/caddy at main · nextcloud/all-in-one · GitHub
Apart from that, there will be a way to limit admin actions to certain ip-ranges with Nextcloud 30: Hardening and security guidance — Nextcloud latest Administration Manual latest documentation
There are far easier ways to do that than mod_security. Check the manual for whatever web server you’re using as reverse proxy.
Use your favorite search engine. Nginx (NPM included) can do this. e.g. https://www.reddit.com/r/unRAID/comments/vldhki/block_a_specific_sub_folder_using_nginx_proxy/
I was trying that, im able to deny request but not allow a subnet.
I’m trying the following, deny working on all but allow not working why?
location ~* ^/apps/mail/api/messages/\d+/attachment/\d+$ {
allow 192.168.0.0/16;
deny all;
}
This is a typical use case for mod_security! Your rule should look like this:
# Allow access to mail attachments only from local network
SecRule REQUEST_URI "@rx ^/apps/mail/api/messages/\d+/attachment/\d+" \
"id:900100,\
phase:1,\
deny,\
t:none,\
msg:'Blocked access to Mail attachment from outside local network',\
chain"
SecRule REMOTE_ADDR "!@ipMatch 192.168.189.0/24" # adjust your local network/subnet
I assume you know how to install modsecurity on your server and where to put this rule.
h.t.h.
Much and good luck,
ernolf