Lonnie wrote:
> Greeting All,
>
> I am working to get mod_security installed and running well for our
> systems and am wondering if you can please tell me how i can customize
> it for each virtual server that we have?
This is simply a matter of adding your ruleset to the configuration inside
your chosen VirtualHost directive. The rules should then only be enabled for
that host and not the others.
> What I mean is that I think that there is supposed to be some way to
> redirect the user if any of the SecFilters are triggered to a particular
> web address, right?
Depending on the rule you're matching, it might simply be possible to skip
mod_security and just add a Redirect directive to your VirtualHost, issuing a
301 for the specific file:
Redirect 301 /files/hiddenfile.txt http://main.example.com
This doesn't do any pattern matching however. the mod_security way would be to
issue a "redirect:http://main.example.com" for the specific rule. (I think
this is a 301, but I haven't used this)
> I want to set this up so that if a SecFilter is triggered by a
> particular virtual server in my httpd.conf for ssl.conf then I will
> redirect them to that main server instead of an error message page.
You could issue a "deny,log,status:403" as is recommended and specify a custom
ErrorDocument directive for that VirtualHost, such as:
ErrorDocument 403 http://main.example.com
Though this would redirect all 403s, not just this specific example. Is there
a specific reason you want to hide the error in this way? Do you only want to
hide it for this one specific rule match?
Terry.
|
