Women in Technology

Hear us Roar



Article:
  Introducing mod_security
Subject:   issue with mod_security2
Date:   2006-10-30 12:29:38
From:   monicat
Response to: issue with mod_security2

I found the fix for this:


Change <IfModule mod_security.c>
to
<IfModule mod_security2.c>


and it works like a charm!
- Monica

Full Threads Oldest First

Showing messages 1 through 2 of 2.

  • issue with mod_security2
    2007-02-05 02:09:07  shuvo70 [View]

    Hi

    I have installed modsecurity-apache2-2.0.3-1 rpm at centos-4.4 server. my apache version is httpd-2.0.52-28.ent.centos4
    i cant see any log at /var/log/modsec_audit.log can you please tell what is wrong.

    here is the basic configuration file under /etc/httpd/conf.d/modsecurity.conf

    <IfModule mod_security.c>
    #SecRuleEngine On
    SecFilterEngine On
    SecRequestBodyAccess On
    SecResponseBodyAccess Off
    SecFilterCheckURLEncoding On
    SecFilterCheckUnicodeEncoding Off
    SecFilterCheckCookieFormat On
    SecFilterScanPOST On
    SecFilterForceByteRange 0 255
    SecUploadDir /tmp
    SecUploadKeepFiles Off
    SecAuditEngine RelevantOnly
    SecAuditLog /var/log/httpd/modsec_audit.log
    SecFilterDebugLog /var/log/httpd/modsec_debug.log
    SecFilterDebugLevel 0
    SecFilterDefaultAction "deny,log,status:406"
    SecFilterSelective REMOTE_ADDR "^127.0.0.1$" nolog,allow
    </IfModule>

    i tried to change as per your mail ifModule mod_security2.c but that time httpd cant start.

    what could be the problem
    • issue with mod_security2
      2007-02-07 11:26:00  Ivan Ristic | O'Reilly Author [View]

      That configuration is for ModSecurity 1.9.x. ModSecurity 2.x uses different syntax. There's an example configuration included with distribution, along with the manual. BTW, you are more likely to get answers on the mod-security-users list.