[mod-security-users] var collection : SecDataDir
Brought to you by:
victorhora,
zimmerletw
From: Сергей Р. <ras...@ok...> - 2013-01-22 14:07:34
|
hello, I have writed a set of rules for bruteforce detection. The problem is that I can't use collection variables : Init collection: SecAction "phase:1,nolog,pass,initcol:IP=%{REMOTE_ADDR},id:1000" Use collection: SecRule IP:blocked "@eq 1" "phase:2,deny, redirect:http://<server_name_here>/limit_exceeded_page.html, severity:2,msg:'IP blocked due to dictionary attack.',id:1001" SecDataDir /root/hosting/apache/security/secure_var_data permissions - drwxrwxrwx 2 nobody nobody 4096 Jan 22 16:47 secure_var_data/ cd secure_var_data; ls -la : -rw-r----- 1 nobody nobody 0 Jan 22 15:49 ip.dir -rw-r----- 1 nobody nobody 0 Jan 22 15:49 ip.pag Error message at the debug log: Failed to access DBM file "/root/hosting/apache/security/secure_var_data/ip": Permission denied Server details: Server version: Apache/2.2.23 (Unix) ModSecurity for Apache/2.7.0 Centos 64 2.6.18-308.24.1.el5 I have googled a lot of time , but can't find complete solution. Because, as I can see, problem not in permissions. Thanks. |