mod-security-users

[mod-security-users] Suggestions re installation and documentation

[Regence 2. <reg...@ho...>]

I have some install issues and I thought I would put these suggestions out 
there for future improvements in the mod_security install and/or 
documentation.

I'm running Apache 2.0 on Red Hat Enterprise Linux 3.0. The mod_security 
manual shows how to do a source and binary install starting on page 5.

Issue #1

The dynamic install from source doesn't work on RHEL 3.0 because the apache 
'apxs' utility isn't standard as far as I can tell.

Suggestion: Explain what apxs is and why/where it is installed? Can it be 
installed after the fact?

Issue #2

The static install from source doesn't install much confidence (the 
instructions state "there is no definitive documentation" on how to do this 
on Apache 2!?) and they are also very unclear e.g.

./configure --prefix=(my prefix) --with-module=mappers:security

What is '(my prefix)'? It isn't explained in the documentation.

They also require you to recompile Apache, which I am reluctant to do.

Suggestion: Explain '(my prefix)'. Find the definitive way to install static 
modules on Apache 2.0 and document it.

Issue #3

The binary installation instructions are also unclear, because they refer to 
mod_security.so which is the compiled version of mod_security.c, but they 
don't spell out how you should compile it or where you should get the 
compiled version from.

There are mod_security RPM's and binaries around, but they are for mandrake 
systems. If there is a compiled binary for Red Hat, I couldn't find it.

Suggestion: Explain the .so only comes with the compiled version, and that 
it is system specific. (or is it?)

I hope these suggestions make it into future documentation. Thanks for such 
a great piece of software.

_________________________________________________________________
MSN Toolbar provides one-click access to Hotmail from any Web page – FREE 
download! http://toolbar.msn.com/go/onm00200413ave/direct/01/

Re: [mod-security-users] Suggestions re installation and documentation

[Ivan R. <iv...@we...>]

Regence 21 wrote:
> I have some install issues and I thought I would put these suggestions
> out there for future improvements in the mod_security install and/or
> documentation.

  Hi,

  Thanks for your comments.


> Issue #1
> 
> The dynamic install from source doesn't work on RHEL 3.0 because the
> apache 'apxs' utility isn't standard as far as I can tell.
> 
> Suggestion: Explain what apxs is and why/where it is installed? Can it
> be installed after the fact?

  I am not familiar with RHEL3. What does it say in the documentation
  about a preferred way to install additional Apache modules?


> Issue #2
> 
> The static install from source doesn't install much confidence (the
> instructions state "there is no definitive documentation" on how to do
> this on Apache 2!?) and they are also very unclear e.g.

  You are correct about that. What you've read is a hack that
  worked for me. Some people have already complained that it
  doesn't work for them and I'll remove it from the documentation
  alltogether.


> Issue #3
> 
> The binary installation instructions are also unclear, because they
> refer to mod_security.so which is the compiled version of
> mod_security.c, but they don't spell out how you should compile it or
> where you should get the compiled version from.

  The apxs binary is supposed to compile, install, and configure
  the module.


> There are mod_security RPM's and binaries around, but they are for
> mandrake systems. If there is a compiled binary for Red Hat, I couldn't
> find it.

  Not that I know of.


> Suggestion: Explain the .so only comes with the compiled version, and
> that it is system specific. (or is it?)

  It is system specific.


> I hope these suggestions make it into future documentation.

  I will take a look at the documentation tomorrow and see if I can
  make some things more clear.


-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]