Thread: [mod-security-users] Upgrading to v3.0.4
From: Monah B. <mon...@gm...> - 2020-01-15 01:31:26

Hi all,

Any good documents as to how to upgrade from 2.9.3 on CentOS 7?

Thanks
Monah

From: Eero V. <eer...@ik...> - 2020-01-15 04:48:30

Well. There is no such upgrade path? You need to recompile and install modsecurity 3.x.

Follow instructions at:
https://github.com/SpiderLabs/ModSecurity/wiki/Compilation-recipes-for-v3.x

You can check out my instructions on how to compile modsecurity rpms for CentOS 7.

Eero

From: Christian F. <chr...@ne...> - 2020-01-15 05:04:22

Hey Monah,

What platform are you working on?

ModSec3 on Apache is not production ready.

Cheers,

Christian

From: Monah B. <mon...@gm...> - 2020-01-15 11:28:31

Hi Christian,

Apache :)

From: Christian F. <chr...@ne...> - 2020-01-15 11:36:47

Hey Monah,

The developers of ModSecurity consider libModSecurity 3.0.x as stable and production ready for use with NGINX. The connector module that links the engine with Apache is not deemed stable though. And I can confirm that.

The OWASP ModSecurity Core Rule Set project considers ModSecurity 2.9.x on Apache as the reference platform and continues to do so until several problems with ModSec3 have been sorted out. One of them is that ModSec3 is not passing the CRS test suite. It's fairly close with ModSec3 + NGINX, but there are quite a few open issues with ModSec3 + Apache.

So for the time being, it's best to stay with ModSecurity 2.9 in your situation.

I would also advise against a platform change for an existing Apache/ModSec setup.

Hope this helps.

Cheers,

Christian

From: Monah B. <mon...@gm...> - 2020-01-15 11:54:47

Hi Christian,

What platform/changes do you recommend?

Monah

From: Christian F. <chr...@ne...> - 2020-01-15 12:02:01

None. Just stay where you are and observe the development.