Re: [mod-security-users] How to configure ModSecurity on CentOS 8?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] How to configure ModSecurity on CentOS 8?
|
From: Ervin H. <ai...@gm...> - 2021-03-02 09:48:29
|
Hi Jason, On Tue, Mar 02, 2021 at 09:13:30AM +0000, Jason Long wrote: > Hi Ervin,Thank you so much for your reply.I read "https://github.com/coreruleset/coreruleset/blob/v3.4/dev/INSTALL" and I have other questions: > 1- At "https://github.com/coreruleset/coreruleset/blob/v3.4/dev/INSTALL" I read "Download our release from https://coreruleset.org/installation/ and unpack it into a new owasp-modsecurity-crs folder". Thus, I must create a "owasp-modsecurity-crs" directory in the "/etc/httpd/modsecurity.d/" directory? that's your decision. You can unpack them where you want: into a new (sub) directory, or you can overwrite the existing rules. > 2- In the "httpd.conf" file, you can add some configuration lines and as "https://github.com/coreruleset/coreruleset/blob/v3.4/dev/INSTALL" said, it is : > <IfModule security2_module> Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf </IfModule> (sorry for the side-note, others already wrote you please stop the HTML e-mails) > But, it just for Debian? The "httpd.conf/apache2.conf" file is for Debian. No. Debian uses /etc/apache2 directory to store the configuration files. > How about CentOS? Should I add above lines to "/etc/httpd/conf/httpd.conf" file? You need to find where CentOS stores the configuration files, which loads the modules. I have few RH instance, they stores these files under /etc/httpd/conf.modules.d, eg: # cat /etc/httpd/conf.modules.d/01-cgi.conf # This configuration file loads a CGI module appropriate to the MPM # which has been configured in 00-mpm.conf. mod_cgid should be used # with a threaded MPM; mod_cgi with the prefork MPM. <IfModule mpm_worker_module> LoadModule cgid_module modules/mod_cgid.so </IfModule> <IfModule mpm_event_module> LoadModule cgid_module modules/mod_cgid.so </IfModule> <IfModule mpm_prefork_module> LoadModule cgi_module modules/mod_cgi.so </IfModule> You should read the CentOS Apache documentation. > 3- You said "Also I think local_rules contains the whole rule set", but in the "local_rules" directory, I just have one "modsecurity_localrules.conf" with below contents: > # User defined rules and settings .## You can use this file/directory to drop your local rules or# to remove some rules provided by mod_security_crs package with SecRuleRemoveById## You can also disable mod_security for some incompatible web applications (eg. phpMyAdmin).## > Is it normal? may be - as I wrote, I don't know CentOS. a. |
