background: For my uni project I would like to locally host 3 virtual machines (1 attacker and 2 different WAF) to simulate the effectiveness of certain web application firewalls under malicious behavior. I set up 2 ubuntu VMs (to host NAXSI and Modsecurity separately) and 1 Kali (to attack)
I have set up modsecurity using the documentation and I am using port 3000 for my vulnerable web application (default for OWASP Juice Shop). When using curl http://localhost/index.html?exec=/bin/bash it is giving me a 403 forbidden (showing that it is active on localhost).
Whenever I try to do this for port 3000 it gives me the details of the page, which it should not if it is active However localhost (port 80) is where Apache2 is the Apache2 Default Page and the web application is on port 3000. How can i set it up so that when I curl localhost port 3000 it gives me an error 403 (signifying that modsecurity is protecting that web application.
