Thread: [mod-security-users] WAF file and folder locations
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
mod-security-users
|
From: Peter B. <pet...@vs...> - 2019-01-22 13:21:41
|
I'm looking for documentation (or a source file) listing the configurable folders of the WAF and their meaning. When I look at a host we run, there are the following folders and files in `/modsecurity`: - apache/ - audit/ - data/ - tmp/ - upload/ - modsec_audit.log - virus-check.log I need to know which folders (and files) are meant to contain data that is persisted (such as, probably, "audit" and "*.log") and which ones contain ephemeral data that we may mount somewhere where the OS throws the content away on, say, reboots (such as, probably, "tmp" and "upload"). Is there a specific documentation on this? Any hints that help me better understand are appreciated! Peter |
|
From: Christian F. <chr...@ne...> - 2019-01-22 13:42:57
|
Hi Peter, On Tue, Jan 22, 2019 at 02:07:28PM +0100, Peter Bittner wrote: > I'm looking for documentation (or a source file) listing the configurable > folders of the WAF and their meaning. Good plan. > When I look at a host we run, there are the following folders and files in > `/modsecurity`: > > - apache/ > - audit/ > - data/ > - tmp/ > - upload/ > - modsec_audit.log > - virus-check.log The ModSecurity Handbook is covering this in sufficient detail. Nicolas / Bigli is supposed to have a copy AFAICT. If not, let me know and I'll send you one. Please make sure you get the partition restriction between /tmp and /upload right (need to be on the same partition). Other than that, I suggest to keep modsec_audit.log and audit/ together. They former references files in the latter. Best, Christian -- Besides, Emacs would be a far better OS if it shipped with a halfway-decent text editor - like vi for example. |
|
From: Scott H. <sco...@re...> - 2019-01-22 14:41:42
|
Hi Christian,
> > When I look at a host we run, there are the following folders and
> > files in
> > `/modsecurity`:
> >
> > - apache/
> > - audit/
> > - data/
> > - tmp/
> > - upload/
> > - modsec_audit.log
> > - virus-check.log
>
> The ModSecurity Handbook is covering this in sufficient detail.
Is that available on line too?
Thanks,
Scott
|
|
From: Christian F. <chr...@ne...> - 2019-01-22 14:53:23
|
Hey Scott, It's available as an e-book from Feisty Duck. https://www.feistyduck.com/books/modsecurity-handbook/ Best, Christian On Tue, Jan 22, 2019 at 02:26:27PM +0000, Scott Hovey wrote: > Hi Christian, > > > > When I look at a host we run, there are the following folders and > > > files in > > > `/modsecurity`: > > > > > > - apache/ > > > - audit/ > > > - data/ > > > - tmp/ > > > - upload/ > > > - modsec_audit.log > > > - virus-check.log > > > > The ModSecurity Handbook is covering this in sufficient detail. > > Is that available on line too? > > Thanks, > Scott > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
|
From: Peter B. <pet...@vs...> - 2019-01-22 15:21:17
|
Thanks, Christian! Looks like there is also the Reference Manual [1], which covers the configuration directives. The overview is missing here for newcomers. I'm looking into an existing configuration file now, that helps a bit. [1] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#Configuration_Directives On Di, Jan 22, 2019 at 3:53 PM, Christian Folini <chr...@ne...> wrote: > Hey Scott, > > It's available as an e-book from Feisty Duck. > > https://www.feistyduck.com/books/modsecurity-handbook/ > > Best, > > Christian > > On Tue, Jan 22, 2019 at 02:26:27PM +0000, Scott Hovey wrote: >> Hi Christian, >> >> > > When I look at a host we run, there are the following folders >> and >> > > files in >> > > `/modsecurity`: >> > > >> > > - apache/ >> > > - audit/ >> > > - data/ >> > > - tmp/ >> > > - upload/ >> > > - modsec_audit.log >> > > - virus-check.log >> > >> > The ModSecurity Handbook is covering this in sufficient detail. >> >> Is that available on line too? >> >> Thanks, >> Scott >> >> >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's >> SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
|
From: Christian F. <chr...@ne...> - 2019-01-22 19:39:46
|
On Tue, Jan 22, 2019 at 04:21:03PM +0100, Peter Bittner wrote: > Thanks, Christian! You're welcome. > Looks like there is also the Reference Manual [1], which covers the > configuration > directives. The overview is missing here for newcomers. I'm looking into an > existing configuration file now, that helps a bit. Good plan. Otherwise, my tutorials at https://www.netnea.com/cms/apache-tutorials/ cover the log files in sufficient depth as well. Cheers, Christian > > [1] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#Configuration_Directives > > On Di, Jan 22, 2019 at 3:53 PM, Christian Folini > <chr...@ne...> wrote: > > Hey Scott, > > > > It's available as an e-book from Feisty Duck. > > > > https://www.feistyduck.com/books/modsecurity-handbook/ > > > > Best, > > > > Christian > > > > On Tue, Jan 22, 2019 at 02:26:27PM +0000, Scott Hovey wrote: > > > Hi Christian, > > > > > > > > When I look at a host we run, there are the following folders > > > and > > > > > files in > > > > > `/modsecurity`: > > > > > > > > > > - apache/ > > > > > - audit/ > > > > > - data/ > > > > > - tmp/ > > > > > - upload/ > > > > > - modsec_audit.log > > > > > - virus-check.log > > > > > > > > The ModSecurity Handbook is covering this in sufficient detail. > > > > > > Is that available on line too? > > > > > > Thanks, > > > Scott > > > > > > > > > _______________________________________________ > > > mod-security-users mailing list > > > mod...@li... > > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > > Commercial ModSecurity Rules and Support from Trustwave's > > > SpiderLabs: > > > http://www.modsecurity.org/projects/commercial/rules/ > > > http://www.modsecurity.org/projects/commercial/support/ > > > > > > _______________________________________________ > > mod-security-users mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > http://www.modsecurity.org/projects/commercial/rules/ > > http://www.modsecurity.org/projects/commercial/support/ > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
Thanks for helping keep SourceForge clean.
X