Re: [mod-security-users] Geo location lookup multiple rules
From: homesh j. <ho...@gm...> - 2022-05-31 12:01:47
Dear Ervin,

Rule id is different for each rule, as otherwise apache reload will fail.

I checked by defining SecGeoLookupDb /etc/modsecurity/maxmind4.dat under security2.conf and removing it from each virtual host. It still works as expected.

Also, there are no improvements in memory consumption of apache, which confirms apache does not keep multiple copies of the same file in memory even if I define it multiple times, which is a good thing.

Thanks,
Homesh

On Mon, May 30, 2022 at 10:35 AM Ervin Hegedüs <ai...@gm...> wrote:

> Hi Homesh,
>
> On Mon, May 30, 2022 at 12:17:56AM +0530, homesh joshi wrote:
> > I have multiple virtual host entries in apache
> >
> > in each virtual host I have rule like this
> >
> > SecGeoLookupDb /etc/modsecurity/maxmind4.dat
> > SecRule REMOTE_ADDR "@geoLookup" "phase:1,log,chain,id:2,drop,msg:'Geolocation Blocked'"
> > SecRule GEO:COUNTRY_CODE "@pm CN PE IR"
>
> are you sure? I mean do you have these rules with *same id*?
>
> > My query is the line SecGeoLookupDb /etc/modsecurity/maxmind4.dat present
> > in each virtual host. Is it required in each or can I define it once
> > globally.
>
> you do not need to define it in each vhost. Also you can use the
> SecRule with "id:2" above only once (except if you change the
> country codes per vhost, of course).
>
>
> a.
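The layout discussed in this thread, written out as an added example that is not part of the original messages: the database and the shared rule are defined once at server level, and a virtual host gets its own rule (with its own id) only when its country list differs. The `ServerName` values, the id `1002` and the extra country code `XX` are constructed placeholders, and the example assumes the default ModSecurity 2.x behaviour in which virtual hosts inherit server-level rules.

```apache
# --- security2.conf (server level, outside any <VirtualHost>) ---

# Load the GeoIP database once; every vhost uses this definition.
SecGeoLookupDb /etc/modsecurity/maxmind4.dat

# Shared policy, defined once. In a chain, the id and the disruptive
# action (drop) belong to the first rule; the chained rule carries neither.
SecRule REMOTE_ADDR "@geoLookup" \
    "id:2,phase:1,log,drop,chain,msg:'Geolocation Blocked'"
    SecRule GEO:COUNTRY_CODE "@pm CN PE IR"

# --- vhost with the common policy: no geo directives needed ---
<VirtualHost *:80>
    ServerName shop.example.test        # constructed name
    # Rule id:2 and the SecGeoLookupDb setting are inherited.
</VirtualHost>

# --- vhost whose country list differs: one extra rule, unique id ---
<VirtualHost *:80>
    ServerName admin.example.test       # constructed name
    # Runs in addition to the inherited rule id:2, so it only needs
    # to list what this vhost blocks on top of the shared list.
    # XX is a placeholder for an additional country code.
    SecRule REMOTE_ADDR "@geoLookup" \
        "id:1002,phase:1,log,drop,chain,msg:'Geolocation Blocked (admin vhost)'"
        SecRule GEO:COUNTRY_CODE "@pm XX"
</VirtualHost>
```

Running `apachectl configtest` before the reload surfaces rule id problems of the kind mentioned above before they take the server down.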