People connecting to my server who have badly infected computers [on hold]





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







0















I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.



Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?



These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.



However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.



A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.



That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?



I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.



Thank you










share|improve this question















put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.














  • 1





    It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

    – earthmeLon
    2 days ago













  • P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

    – earthmeLon
    2 days ago








  • 1





    It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

    – LeonidMew
    2 days ago











  • LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

    – User6655
    2 days ago











  • Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

    – crip659
    2 days ago


















0















I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.



Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?



These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.



However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.



A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.



That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?



I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.



Thank you










share|improve this question















put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.














  • 1





    It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

    – earthmeLon
    2 days ago













  • P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

    – earthmeLon
    2 days ago








  • 1





    It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

    – LeonidMew
    2 days ago











  • LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

    – User6655
    2 days ago











  • Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

    – crip659
    2 days ago














0












0








0








I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.



Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?



These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.



However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.



A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.



That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?



I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.



Thank you










share|improve this question
















I have an Ubuntu 18.04 Server running ModSecurity and Fail2Ban.
On this server I run a forum.
The Dilemma I'm facing is that I have a dozen or so regular members of my forum who are constantly blocked by Modsecurity for a wide variety of Security Policy Violations. More often than not, SQL Injection attempts.
The logs clearly show attempts to inject extraneous characters and do other malicious things against the server.



Even more frustrating is that most of them report they have no problems at other forums they visit. I find this extremely frustrating. Does this mean I have too much security....or that other forums don't have enough?



These members have heavily donated to support the forum and have been members for 5 - 12 years, so i know them through the forums.



However, most of these dozen or so are what you might call computer illiterate. They aren't savvy to malware and virus protection.
Most are in their 60's and 70's now. so they really don't want a lot of computer hassles.



A few of them do not take too kindly to suggesting it may their computer that's the problem. Even though they know little about computers, they shrug off the suggestion to check and basically shut me up with a "let's don't worry about that" reply.



That said, they are frustrated that they keep getting blocked. My choice is to drop the firewall security....or lose their participation. Since NEITHER option is viable, what is the best course of action in your opinion?



I hope this is not inappropriate here. I'm not sure where else to poist this type of question. Any advice is appreciated.



Thank you







server






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 2 days ago







User6655

















asked 2 days ago









User6655User6655

665




665




put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.









put on hold as primarily opinion-based by vidarlo, mook765, earthmeLon, Florian Diesch, user68186 2 days ago


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.










  • 1





    It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

    – earthmeLon
    2 days ago













  • P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

    – earthmeLon
    2 days ago








  • 1





    It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

    – LeonidMew
    2 days ago











  • LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

    – User6655
    2 days ago











  • Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

    – crip659
    2 days ago














  • 1





    It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

    – earthmeLon
    2 days ago













  • P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

    – earthmeLon
    2 days ago








  • 1





    It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

    – LeonidMew
    2 days ago











  • LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

    – User6655
    2 days ago











  • Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

    – crip659
    2 days ago








1




1





It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

– earthmeLon
2 days ago







It's great to try to be considerate of others, their limitations and desires, but not at the cost of your own or others' security or health. Ask your other users if they want to take on the risk of using a system that is used by other, infected systems. I bet you'll get a pretty clear answer thinking of it from that perspective. Next donation round, advise those with issues to get their fixed instead of donating.

– earthmeLon
2 days ago















P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

– earthmeLon
2 days ago







P.S. How much money do I send you for permission to attack your server, or do I have to be a specific age, first ?(:P)

– earthmeLon
2 days ago






1




1





It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

– LeonidMew
2 days ago





It depends on forum software. Good one is not affected by SQL injection, cause code can be written in secure way. But if you are not author of forum soft, turning off security modules is not recommended. Security break can affect server as well as another users.

– LeonidMew
2 days ago













LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

– User6655
2 days ago





LeonidMew, the problem with turning off (or down) the security is in case of a vulnerability in an update or installation of other software on the server. Even the best of the best occasionally make mistakes. Microsoft and Cisco occasionally get hacked.

– User6655
2 days ago













Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

– crip659
2 days ago





Would it be possible to put on your forum what malware could do on peoples computers, like cleaning out their bank accounts and of their friends and family. Also add easy ways to check and clean their computers.

– crip659
2 days ago










0






active

oldest

votes

















0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes

Popular posts from this blog

GameSpot

日野市

Tu-95轟炸機