Re: [mod-security-users] How to configure ModSecurity on CentOS 8?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] How to configure ModSecurity on CentOS 8?
|
From: Jason L. <hac...@ya...> - 2021-02-22 17:49:23
|
I thought nobody here answered because that version 2.9.2 is old! Uninstall version 3? On Monday, February 22, 2021, 03:37:55 PM GMT+3:30, Reindl Harald <h.r...@th...> wrote: Am 21.02.21 um 20:28 schrieb Jason Long via mod-security-users: > Thank you so much for your answer. > I installed ModSecurity as below: > > # yum install gcc-c++ flex bison yajl yajl-devel curl-devel curl > GeoIP-devel doxygen zlib-devel pcre-devel > # cd /opt/ > # git clone https://github.com/SpiderLabs/ModSecurity > # cd ModSecurity > # git checkout -b v3/master origin/v3/master > # sh build.sh > # git submodule init > # git submodule update > # ./configure > # yum install > https://archives.fedoraproject.org/pub/archive/fedora/linux/updates/23/x86_64/b/bison-3.0.4-3.fc23.x86_64.rpm > # make > # make install what he hell are you doing? compiling stuff? mixing Fedora and CentOS packaging? > But I can't see any "mod_security.conf" file in "httpd" directory! > Why? what about install modsec and the core ruleset from *packages* (EPEL if needed) and look tighter with "ls -lhaR /etc/httpd/"? yum install mod_security mod_security_crs it's in /etc/httpd/conf.d [harry@srv-rhsoft:/downloads]$ rpm -q --filesbypkg mod_security-2.9.3-9.eln109.x86_64.rpm mod_security /etc/httpd/conf.d/mod_security.conf mod_security /etc/httpd/conf.modules.d/10-mod_security.conf mod_security /etc/httpd/modsecurity.d mod_security /etc/httpd/modsecurity.d/activated_rules mod_security /etc/httpd/modsecurity.d/local_rules mod_security /etc/httpd/modsecurity.d/local_rules/modsecurity_localrules.conf mod_security /usr/lib/.build-id mod_security /usr/lib/.build-id/c0 mod_security /usr/lib/.build-id/c0/9fe3397f1beb60cd30f4fa5a3ac1a24f2c93df mod_security /usr/lib64/httpd/modules/mod_security2.so mod_security /usr/share/doc/mod_security mod_security /usr/share/doc/mod_security/CHANGES mod_security /usr/share/doc/mod_security/LICENSE mod_security /usr/share/doc/mod_security/NOTICE mod_security /usr/share/doc/mod_security/README.md mod_security /var/lib/mod_security [harry@srv-rhsoft:/downloads]$ rpm -q --filesbypkg mod_security_crs-3.0.0-12.eln109.noarch.rpm mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-901-INITIALIZATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-905-COMMON-EXCEPTIONS.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-910-IP-REPUTATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-911-METHOD-ENFORCEMENT.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-912-DOS-PROTECTION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-913-SCANNER-DETECTION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-921-PROTOCOL-ATTACK.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-950-DATA-LEAKAGES.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-959-BLOCKING-EVALUATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-980-CORRELATION.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf mod_security_crs /etc/httpd/modsecurity.d/activated_rules/crawlers-user-agents.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/iis-errors.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/java-code-leakages.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/java-errors.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/lfi-os-files.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/php-config-directives.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/php-errors.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/php-function-names-933150.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/php-function-names-933151.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/php-variables.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/restricted-files.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/scanners-headers.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/scanners-urls.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/scanners-user-agents.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/scripting-user-agents.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/sql-errors.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/sql-function-names.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/unix-shell.data mod_security_crs /etc/httpd/modsecurity.d/activated_rules/windows-powershell-commands.data mod_security_crs /etc/httpd/modsecurity.d/crs-setup.conf mod_security_crs /usr/share/doc/mod_security_crs mod_security_crs /usr/share/doc/mod_security_crs/CHANGES mod_security_crs /usr/share/doc/mod_security_crs/README.md mod_security_crs /usr/share/licenses/mod_security_crs mod_security_crs /usr/share/licenses/mod_security_crs/LICENSE mod_security_crs /usr/share/mod_modsecurity_crs mod_security_crs /usr/share/mod_modsecurity_crs/rules mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-901-INITIALIZATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-905-COMMON-EXCEPTIONS.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-910-IP-REPUTATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-911-METHOD-ENFORCEMENT.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-912-DOS-PROTECTION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-913-SCANNER-DETECTION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-921-PROTOCOL-ATTACK.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-950-DATA-LEAKAGES.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/RESPONSE-980-CORRELATION.conf mod_security_crs /usr/share/mod_modsecurity_crs/rules/crawlers-user-agents.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/iis-errors.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/java-code-leakages.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/java-errors.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/lfi-os-files.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/php-config-directives.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/php-errors.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/php-function-names-933150.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/php-function-names-933151.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/php-variables.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/restricted-files.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/scanners-headers.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/scanners-urls.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/scanners-user-agents.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/scripting-user-agents.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/sql-errors.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/sql-function-names.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/unix-shell.data mod_security_crs /usr/share/mod_modsecurity_crs/rules/windows-powershell-commands.data _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |
