Sorry, ive just tried to use the ports install on the freebsd dev
system, it had the module commented out, i uncommented and attempted a
Syntax error on line 279 of /usr/local/etc/apache2/httpd.conf:
Can't locate API module structure `security_module' in file
/usr/local/libexec/apache2/mod_security.so: Undefined symbol
LoadModule security_module libexec/apache2/mod_security.so
Ivan Ristic wrote:
> On 11/21/06, Dan Rossi <spam@...> wrote:
>> > I am not sure what problem you are describing. Can you be more
>> > specific please?
>> Ok a rule for a cookie data check had a log,pass action was causing a
>> 500 status from the default action deny,log,status:500 etc, i was also
>> getting a default status of 403 when i set the default action to
>> "auditlog,pass" so i can see what urls should be getting through but are
>> tripping the audit log, so still allow the traffic until i tweak
> To me sounds like the situation I explained in one of my previous
> emails. In ModSecurity 1.9.x (not so in 2.x) there is a number of
> checks that are enabled with configuration, not with rules. If any of
> those checks are triggered access will be forbidden. The default
> action list only affects rules. If you don't like this you need to
> relax the checks in configuration.
>> > You can implement that via en external script using the exec action.
>> > In general it's not a very good idea unless you implement throttling
>> > too, ie have a mechanism that will prevent uncontrolled sending of
>> > thousands of emails.
>> I could look at some kind of "buffered smtp appender", what i was asking
>> specicially how are we able to send the message as an argument to a perl
>> script ie "deny,log,status:500,send:alert.pl themessagevarhere". I only
>> really need this for the start , as it seems im getting alot of
>> errornous audits which should be letting traffic through so i need to be
>> aware of it so take action and tweak things.
> All the information should be in the environment variables. Just print
> all of them and you'll see what I mean.