gmane.comp.apache.mod-security.user

Re: Compiling Mod-security 2.5

Brian Rectanus — 2008-07-25T07:49:11

This is with the Debian apache? It may be finding the wrong apxs. I think on debian it is named apxs2 for Apache 2. So maybe you also have the Apache 1.3 dev libs on there as well and it is finding those? Try: --with-apxs=/usr/bin/apxs2 -B

Compiling Mod-security 2.5

David Ballano — 2008-07-25T07:04:28

Hello, I'm new here so.. pleased to meet you. I'm compiling Mod-security 2.5 for apache2.2.3, on a Debian 4 etch, I have installed all the dependencies, bu when execute make it shows an error: checking for fchmod... yes checking for getcwd... yes checking for memset... yes checking for strcasecmp... yes checking for strchr... yes checking for strdup... yes checking for strerror... yes checking for strncasecmp... yes checking for strrchr... yes checking for strstr... yes checking for strtol... yes configure: looking for Apache module support via DSO through APXS configure: found apxs at /usr/bin/apxs configure: checking httpd version configure: error: apache is too old ./configure: line 5051: exit: mmn: numeric argument required ./configure: line 5051: exit: mmn: numeric argument required apache too old?? what? thanks in advance, David. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

Re: mod-security on Windows

Brian Rectanus — 2008-07-24T18:42:55

Hmm, interesting, I could have sworn they were in there. I'll add it to the next release. thanks, -B

Re: mod-security on Windows

J Amuse — 2008-07-24T18:20:35

------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/_______________________________________________ mod-security-users mailing list mod-security-users< at >lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mod-security-users

Re: description of rules want

Ryan Barnett — 2008-07-24T15:51:58

Re: mod-security on Windows

Brian Rectanus — 2008-07-24T15:29:25

Hi, I do not know of any performance issues running ModSecurity on Windows. However, there are some ModSecurity features that are not available on Windows. These include the "drop" action, SecChroot, and probably others (see the docs). I have had good luck with the binary packages from Apache Lounge (apachelounge.com) and they keep very up-to-date ModSecurity packages. -B

Re: description of rules want

Brian Rectanus — 2008-07-24T15:24:49

Most (all?) of the rules have a comment preceding them in each of those files. Is this not enough documentation as to what they do? Or are you just looking for a generic overview of what each file does? -B

description of rules want

Muzammel Asghar — 2008-07-24T13:28:06

Hi guys i am new to mod_security. Currently i use Apache/2.2.8 with mod_security 2.1.7. on Fedora Core 8 ,I need to know the description of each rule present in breach core rules conf. I read the documentation at docs but need to know the function of each rule present in conf. modsecurity_crs_10_config.conf modsecurity_crs_23_request_limits.conf modsecurity_crs_45_trojans.conf modsecurity_crs_10_config.conf.org modsecurity_crs_30_http_policy.conf modsecurity_crs_50_outbound.conf modsecurity_crs_20_protocol_violations.conf modsecurity_crs_35_bad_robots.conf modsecurity_localrules.conf modsecurity_crs_21_protocol_anomalies.conf modsecurity_crs_40_generic_attacks.conf optional_rules So please help me regarding documentation of these rules. Thanks ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

mod-security on Windows

J Amuse — 2008-07-24T12:42:40

Google Analytics & Request Missing an AcceptHeader

Dominic Caputo — 2008-07-24T12:27:08

Licence Problem

2008-07-24T11:35:51

Hi everyone, i signed up under bsn.breach.com and requested a licence key for the mod security console....but this licence key is within the console not valid ??!!!! Can anyone help me to find out what happened here ? SomeoneŽs out there with the same problem ? thanks a lot Peter _________________________________________________________________ WEB.DE schenkt Ihnen jeden Monat einen hochkarätigen Blockbuster von maxdome! Jetzt anmelden unter http://www.blockbuster.web.de ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

Three ModSecurity Rule Language Annoyances

Ivan Ristic — 2008-07-24T09:44:15

I've just published a blog post on three ModSecurity Rule Language aspects I am not very happy with. You should be aware of these issues when writing your own rules: Three ModSecurity Rule Language Annoyances http://blog.modsecurity.org/2008/07/modsecurity-tri.html

Modifying CRS rule 960335 / "Too manyarguments in request"

Stefan Müller-Wilken — 2008-07-23T13:10:28

Re: Rule 970902

Brian Rectanus — 2008-07-22T22:11:07

2.5.5 does not currently check ErrorDocument pages. It is a feature I am working on. I have seen this with older versions of ModSecurity (pre 2.5) where it only changed the status in the data sent to the client and not within Apache for logs, but this was (or should be) fixed in 2.5.0 I cannot duplicate this here Is there some other surrounding the ModSecurity log entry in the error log? Perhaps you could give us more context (error log at LogLevel debug and SecDebugLog with SecDebugLogLevel 9)? Maybe a simple example httpd.conf where this happens? -B

Re: modsecurity version 255 - disablepostchecking in a directory

Ryan Barnett — 2008-07-22T21:59:41

How example: [Ryan Barnett] What version of Mod are you using? Assuming you are using the 2.5.x branch, you can use the "ctl" action to dynamically disable inspecting the request body for that location. Reference - http://www.modsecurity.org/documentation/modsecurity-apache/2.5.5/modsec urity2-apache-reference.html#N113B4 Example - SecRule REQUEST_FILENAME "^/dir1/" \ "phase:1,t:none,pass,nolog,ctl:requestBodyAccess=Off" ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

modsecurity version 255 - disable postchecking in a directory

Mike Davis — 2008-07-22T21:47:33

I'm a newbie to modsecurity, so please excuse me for this question. How would I disable all checking of all POST traffic in a directory? example: web URL :http://www.mydomain.com/dir1/index.htm How can I disable POST traffic checking in the dir1 folder above? Try our news services absolutely no cost! Visit http://www.cdpublications.com/specialoffer and enter Priority Code D092 to gain immediate access to our subscriber-only content for a limited time. Learn more at our website: http://www.cdpublications.com CD Publications - Independent Newsletter Publishers Since 1961 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

Re: will appending text - using 'append'-after the /html tag always work?

Christian Folini — 2008-07-22T13:57:34

Thought so too, when I saw the feature. :) Thanks for the update. Good to see you are still on the move. Christian ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

Re: will appending text - using 'append' -after the /html tag always work?

Stephen Craig Evans — 2008-07-22T12:49:23

Re: will appending text - using 'append' -after the /html tag always work?

Stephen Craig Evans — 2008-07-22T12:45:16

Re: will appending text - using 'append'-after the /html tag always work?

Christian Folini — 2008-07-22T06:40:50

Hey Stephen, On Tue, Jul 22, 2008 at 01:27:44PM +0800, Stephen Craig Evans wrote: I believe it should read "as parameter to the end of the HTTP response body." Inserting something into the html content (near the end) is a little trickier I believe and you should possibly try and use some other sort of filter to accomplish that. How are you getting along with your project? Regs, Christian ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/

will appending text - using 'append' - afterthe /html tag always work?

Stephen Craig Evans — 2008-07-22T05:27:44