Re: [mod-security-users] 1.7.6 not running at all
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] 1.7.6 not running at all
|
From: Ivan R. <iv...@we...> - 2004-03-21 22:27:59
|
Mike Plemmons wrote: > Hello, > I am running version 1.7.6 with Apache 1.3.29 on a Slackware -current > machine. I am using a Slackware package so I did not compile it. I > installed mod_security using the apxs -cia command but I am having problems. > > I have the module loading, or so I think I do, and I have the mod_security.c > configuration added at the very bottom of my httpd.conf file. From what I > can tell mod_security is not actualy running. No log files are being created > even though I have specfically given them an absolute path to the same place > the apache log files are. I have SecServerResponseToken set to On and when I > run a GET request from a telnet session I do not see mod_security listed. > > What other steps do I need to do in order to get mod_security to work? What you did normally works for me. Only one line is required to load the module: LoadModule security_module /usr/lib/apache/mod_security.so But if there is a "ClearModuleDirective" somewhere in the configuration file you will also need to add: AddModule mod_security.c After that, all you need is the module configuration. Send me your httpd.conf (and other files if you have your configuration distributed) and I'll look at it. The fact that the server started without complaining about the SecServerResponse directive means mod_security is active. About the tokens missing in the server signature - maybe you don't have ServerTokens set to Full? -- ModSecurity (http://www.modsecurity.org) [ Open source IDS for Web applications ] |
