[mod-security-users] Cant install mod sec2, plus post payload filterng for scripts
Brought to you by:
victorhora,
zimmerletw
From: Dan R. <sp...@el...> - 2006-11-17 09:08:46
|
Hi, ive tried to download and install mod sec 2 as there is no binaries yet however its been impossible to make a shared object hacking the Makefile, i have tried both osx and debian with no luck. is there a better howto than on the site ? i have no idea where i have to set the "top_dir", this really needs a configure script. Do note that if your Apache is using an external PCRE library you can compile ModSecurity with WITH_PCRE_STUDY defined, which would possibly give you a slight performance edge in regular expression processing. this also means nothing to me, how do i know what PCRE apache2 is using ? Also we would like to prevent script injections via php to somehow allow files to be uploaded to the server, we discovered some scripts on our server via some exploit we are unsure of, they were sqlyog tunnel scripts, we need to try and filter all payload to prevent this. Will the mod sec rules at got root help ? There also doesnt seem to be a 1.9 version for debian ? |