Current time: 12-25-2024, 11:33 PM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo] Mod Security on debian
Author Message
hxbro Offline
Junior Member
*

Posts: 34
Joined: Feb 2007
Reputation: 0
Post: #11
RE: Mod Security on debian
You'll have to do a lot of tweaking with the gotroot rules, you'll need to monitor daily your mod security log to see what's been blocked, and tweak the rules to make them work.
04-22-2008 01:57 AM
Find all posts by this user Quote this message in a reply
hYemac Offline


Posts: 1
Joined: May 2008
Reputation: 0
Post: #12
RE: Mod Security on debian
having issues .. system debian..

checking for strstr... yes
checking for strtol... yes
configure: looking for Apache module support via DSO through APXS
configure: found apxs at /usr/bin/apxs
configure: checking httpd version
configure: error: apache is too old
./configure: line 5051: exit: mmn: numeric argument required
./configure: line 5051: exit: mmn: numeric argument required

does are the inputs on

./configure && make && make install

thank you..
05-03-2008 11:08 AM
Find all posts by this user Quote this message in a reply
hxbro Offline
Junior Member
*

Posts: 34
Joined: Feb 2007
Reputation: 0
Post: #13
RE: Mod Security on debian
apache is out of date, you should be running 2.x at least I think, preferably 2.2.x

What version of debian and apache are you running?

Do you update your system regularly using :

apt-get update && apt-get upgrade

?
05-03-2008 11:02 PM
Find all posts by this user Quote this message in a reply
Quemeros Offline
Junior Member
*

Posts: 86
Joined: Nov 2007
Reputation: 0
Post: #14
RE: Mod Security on debian
I finish install mod_security but... now Apache reports that it are: "Apache/2.2.0 (Fedora) mod_fastcgi/2.4.2"... but the server si (like my signature say) a Debian Etch 2.2.4 :S (last remember)... it is normal :S?
(This post was last modified: 05-08-2008 10:47 AM by Quemeros.)
05-08-2008 10:45 AM
Find all posts by this user Quote this message in a reply
mafia Offline
Banned

Posts: 170
Joined: May 2008
Post: #15
RE: Mod Security on debian
bonjour

je viens install le mod security

voila erreur

ebian:/tmp# /etc/init.d/apache2 restart
Forcing reload of web server (apache2)...apache2: Syntax error on line 195 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/conf.d/mod-security2.conf: Include takes one argument, Name of the config file to be included
failed!
debian:/tmp#

/etc/apache2/conf.d/mod-security2.conf
include /etc/modsecurity2 /*. conf

merci
05-10-2008 04:09 AM
Find all posts by this user Quote this message in a reply
Zothos Offline
Release Manager
*****
Dev Team

Posts: 1,262
Joined: Feb 2007
Reputation: 10
Post: #16
RE: Mod Security on debian
include /etc/modsecurity2 /*. conf -> include /etc/modsecurity2/*. conf
05-10-2008 04:52 AM
Find all posts by this user Quote this message in a reply
mafia Offline
Banned

Posts: 170
Joined: May 2008
Post: #17
RE: Mod Security on debian
je fait quoi j ai pas compris merci
05-10-2008 06:25 PM
Find all posts by this user Quote this message in a reply
greatman Offline
Junior Member
*

Posts: 40
Joined: Apr 2008
Reputation: 0
Post: #18
RE: Mod Security on debian
ton include est mal fait il doit etre comme sa: include /etc/modsecurity/*.conf

P.S: T'aura plus de chance dans le forum fr que dans le english Tongue
05-12-2008 02:15 AM
Find all posts by this user Quote this message in a reply
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #19
RE: Mod Security on debian
i need to exclude a rule in useragents.conf for a cron script:
Code:
#Blocks scripts
SecRule HTTP_User-Agent lwp
but this rule have no ID - how can i set this in exclude.conf ...
Can i use "lwp" instead of a ID Number here?
Code:
#cron
<LocationMatch "/cron_jobs/main_cron.php">
  SecRuleRemoveById lwp
</LocationMatch>
05-12-2008 08:41 PM
Find all posts by this user Quote this message in a reply
tassoman Offline
Junior Member
*

Posts: 15
Joined: May 2008
Reputation: 0
Post: #20
RE: Mod Security on debian
how to test if rules are working flawless?
06-03-2008 05:30 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 2 Guest(s)