[mod-security-users] modsecurity and goodrot
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] modsecurity and goodrot
|
From: listadecorreo <lis...@sb...> - 2010-03-21 07:43:53
|
Helo,
I'm using CentOS release 5.4 and modsecurity-apache_2.5.12 with reverse
proxy. Mod Security work fine, but i'd like add rules of goodrot.
My configuration is:
Client desktop ---> reverse proxy ---> web server
192.168.100.3 192.168.100.30 192.168.100.31
CentOS 5.4 Debian Squeeze
To add the rules do the following...
[root@reverseproxy modsecurity]# wget
http://downloads.prometheus-group.com/delayed/rules/modsec/10_asl_antimalware.conf
[root@reverseproxy modsecurity]# wget
http://downloads.prometheus-group.com/delayed/rules/modsec/malware-blacklist.txt
[root@reverseproxy modsecurity]# mv 10_asl_antimalware.conf
modsecurity_crs_18_asl_antimalware.conf
[root@reverseproxy modsecurity]# touch
/etc/httpd/conf/modsecurity/malware-exclusion-local.txt
I add a local desktop to block, but don't work
[root@reverseproxy modsecurity]# echo "192.168.100.3/" >>
malware-blacklist.txt
[root@reverseproxy modsecurity]# service httpd restart
When I lod the web, he say:
root@webserver:~# tail -f /var/log/apache2/access.log
192.168.100.30 - - [21/Mar/2010:09:15:50 +0100] "GET /error/noindex.html
HTTP/1.1" 404 511 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.2; es-ES;
rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)"
If I disable the rules of gootrot, all works fine
[root@reverseproxy modsecurity]# mv
modsecurity_crs_18_asl_antimalware.conf /root/
[root@reverseproxy modsecurity]# service httpd restart
what is the problem ?
Thanks and excuseme by my poor english
|