Re: [mod-security-users] NO LOGS formed for MOD Security
Brought to you by:
victorhora,
zimmerletw
From: Brian R. <Bri...@br...> - 2009-05-21 17:08:10
|
I don't think you read my *complete* email you quoted below, because you made the same mistake. Please re-read. ;) -B SONNY LASKAR wrote: > Hi, > I have installed apache 2.2.4 on a new server (RHEL 3). > I have configured mod_security and loaded mod_unique_id but still no > logs are getting generated after refreshing apache. > The httpd.conf is attached. > Please advice. > > Regards > Sonny > India > > On Thu, May 21, 2009 at 9:26 PM, Brian Rectanus > <Bri...@br...> wrote: >> SONNY LASKAR wrote: >>> HI, >>> Thanks for your help. >>> I have configured Mod Security as adviced in ModSecurity Manual. >>> I would like to provide the following inputs. >>> >>> INSTALL PATH: /usr/local/apache >>> APACHE VERSION: Server version: Apache/2.2.11 (Unix) >>> OSLEVEL: Linux se-dev-web 2.6.18-92.el5 #1 SMP Tue Apr 29 13:16:12 EDT >>> 2008 i686 i686 i386 GNU/Linux >>> >>> I have also attached the httpd.conf, ssl.conf and mod_secutiry.conf >>> for your reference. >>> We are using https so ssl.conf is also Included in httpd.conf. >>> After starting apache I get the following message in error_log. >>> >>> [Thu May 21 12:00:55 2009] [notice] caught SIGTERM, shutting down >>> [Thu May 21 12:01:02 2009] [warn] No JkShmFile defined in httpd.conf. >>> Using default /usr/local/apache/logs/jk-runtime-status >>> [Thu May 21 12:01:02 2009] [notice] ModSecurity for Apache/2.5.9 >>> (http://www.modsecurity.org/) configured. >> You have it loaded. >> >> >>> [Thu May 21 12:01:03 2009] [warn] No JkShmFile defined in httpd.conf. >>> Using default /usr/local/apache/logs/jk-runtime-status >>> [Thu May 21 12:01:03 2009] [notice] Apache/2.2.11 (Unix) >>> mod_ssl/2.2.11 OpenSSL/0.9.8b mod_jk/1.2.26 configured -- resuming >>> normal operations >>> >>> I have set the Debug LogLevel to 9 but no logs are getting generated, >>> may be i am commiting some silly mistake. >>> Please advice. >> >> You have not yet configured it. What you did do is configure ModSecurity >> 1.x, but then loaded 2.x, so the 1.x config was not included in the Apache >> config due to the failing IfModule block in your mod_security.conf file: >> >> >> <IfModule mod_security.c> >> ... >> </IfModule> >> >> Now, if you change that to the following so that the IfModule block is >> included (it is the mod_security2 module you loaded after all): >> >> >> <IfModule mod_security2.c> >> ... >> </IfModule> >> >> >> You will see that Apache will fail to start because the config you have >> within this block is for ModSecurity 1.x and you need to use 2.x syntax. >> >> Take a look at the Core Rules in the "rules" directory of the 2.5.7 source >> package (the README). This is a good starting place for configuring >> ModSecurity 2.x. >> >> -B >> >> -- >> Brian Rectanus >> Breach Security >> -- Brian Rectanus Breach Security |