[HowTo] Mod Security on debian

[HowTo] Mod Security on debian - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Contributions Area (/forum-40.html)
+--- Forum: Howtos (/forum-41.html)
+--- Thread: [HowTo] Mod Security on debian (/thread-2862.html)

Pages: 1 2 3 4

RE: Mod Security on debian - hxbro - 04-22-2008 01:57 AM

You'll have to do a lot of tweaking with the gotroot rules, you'll need to monitor daily your mod security log to see what's been blocked, and tweak the rules to make them work.

RE: Mod Security on debian - hYemac - 05-03-2008 11:08 AM

having issues .. system debian..

checking for strstr... yes
checking for strtol... yes
configure: looking for Apache module support via DSO through APXS
configure: found apxs at /usr/bin/apxs
configure: checking httpd version
configure: error: apache is too old
./configure: line 5051: exit: mmn: numeric argument required
./configure: line 5051: exit: mmn: numeric argument required

does are the inputs on

./configure && make && make install

thank you..

RE: Mod Security on debian - hxbro - 05-03-2008 11:02 PM

apache is out of date, you should be running 2.x at least I think, preferably 2.2.x

What version of debian and apache are you running?

Do you update your system regularly using :

apt-get update && apt-get upgrade

?

RE: Mod Security on debian - Quemeros - 05-08-2008 10:45 AM

I finish install mod_security but... now Apache reports that it are: "Apache/2.2.0 (Fedora) mod_fastcgi/2.4.2"... but the server si (like my signature say) a Debian Etch 2.2.4 :S (last remember)... it is normal :S?

RE: Mod Security on debian - mafia - 05-10-2008 04:09 AM

bonjour

je viens install le mod security

voila erreur

ebian:/tmp# /etc/init.d/apache2 restart
Forcing reload of web server (apache2)...apache2: Syntax error on line 195 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/conf.d/mod-security2.conf: Include takes one argument, Name of the config file to be included
failed!
debian:/tmp#

/etc/apache2/conf.d/mod-security2.conf
include /etc/modsecurity2 /*. conf

merci

RE: Mod Security on debian - Zothos - 05-10-2008 04:52 AM

include /etc/modsecurity2 /*. conf -> include /etc/modsecurity2/*. conf

RE: Mod Security on debian - mafia - 05-10-2008 06:25 PM

je fait quoi j ai pas compris merci

RE: Mod Security on debian - greatman - 05-12-2008 02:15 AM

ton include est mal fait il doit etre comme sa: include /etc/modsecurity/*.conf

P.S: T'aura plus de chance dans le forum fr que dans le english Tongue

RE: Mod Security on debian - fulltilt - 05-12-2008 08:41 PM

i need to exclude a rule in useragents.conf for a cron script:

Code:

#Blocks scripts

SecRule HTTP_User-Agent lwp

but this rule have no ID - how can i set this in exclude.conf ...
Can i use "lwp" instead of a ID Number here?

Code:

#cron

<LocationMatch "/cron_jobs/main_cron.php">

  SecRuleRemoveById lwp

</LocationMatch>

RE: Mod Security on debian - tassoman - 06-03-2008 05:30 AM

how to test if rules are working flawless?