Comments on: How to mod_security Ubuntu 9.04 http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/ A LAMP in the Samsara Tue, 31 Jan 2012 20:20:11 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: bodhi.zazen http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-2/#comment-4620 bodhi.zazen Wed, 04 Jan 2012 17:18:23 +0000 http://blog.bodhizazen.net/?p=227#comment-4620 @Ivan - you need to access your web browser by FQDN, not ip address. @Ivan – you need to access your web browser by FQDN, not ip address.

]]> By: Ivan http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4616 Ivan Wed, 04 Jan 2012 05:28:59 +0000 http://blog.bodhizazen.net/?p=227#comment-4616 I've tried it in ubuntu 9.10, on localhost running smoothly. but the access from other computers, no web page that can appear and give this response. Bad Request Your browser sent a request that this server could not understand. Apache/2.2.0 (Fedora) Server at 192.168.0.6 Port 80. anyone can help me ???? I’ve tried it in ubuntu 9.10, on localhost running smoothly. but the access from other computers, no web page that can appear and give this response.

Bad Request
Your browser sent a request that this server could not understand.
Apache/2.2.0 (Fedora) Server at 192.168.0.6 Port 80.

anyone can help me ????

]]> By: Limpus http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4478 Limpus Wed, 07 Dec 2011 08:11:07 +0000 http://blog.bodhizazen.net/?p=227#comment-4478 Excellent article. Can anyone tell me how to block access to apache accessing through hostname. I mean the machine which has apache, I am able to block access through ip but unable to block it through hostname. Thanks Excellent article. Can anyone tell me how to block access to apache accessing through hostname. I mean the machine which has apache, I am able to block access through ip but unable to block it through hostname. Thanks

]]> By: s http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4467 s Mon, 05 Dec 2011 23:25:37 +0000 http://blog.bodhizazen.net/?p=227#comment-4467 @Aaron try running something like- #here's my config file Ubuntu 10.04 # /etc/apache2/conf.d/modsec.conf (no need to put in apache.conf, keep it separate) SecRuleEngine On SecRule ARGS "@validateUtf8Encoding" SecRule ARGS "@validateByteRange 10, 13, 15, 32-126" SecServerSignature "Microsoft-IIS/5.0" SecAuditEngine RelevantOnly SecAuditLog /var/log/mod-security/modsec_audit_log Include mod-security-rules/base_rules/*.conf #Note: the critical part is: SecRuleEngine On #Nothing happens without that... #The server sig part requires ServerTokens Full #to work (needs the allocated memory space of the Full setting) @Aaron
try running something like-

#here’s my config file Ubuntu 10.04
# /etc/apache2/conf.d/modsec.conf (no need to put in apache.conf, keep it separate)

SecRuleEngine On
SecRule ARGS “@validateUtf8Encoding”
SecRule ARGS “@validateByteRange 10, 13, 15, 32-126″
SecServerSignature “Microsoft-IIS/5.0″
SecAuditEngine RelevantOnly
SecAuditLog /var/log/mod-security/modsec_audit_log
Include mod-security-rules/base_rules/*.conf

#Note: the critical part is:
SecRuleEngine On

#Nothing happens without that…

#The server sig part requires

ServerTokens Full

#to work (needs the allocated memory space of the Full setting)

]]> By: lukastu http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4353 lukastu Tue, 18 Oct 2011 01:53:57 +0000 http://blog.bodhizazen.net/?p=227#comment-4353 Aron S, thank you for this tip! I was struggling with this for 3 days, now it works! Aron S, thank you for this tip! I was struggling with this for 3 days, now it works!

]]> By: privatekrankenversicherungtestsieger.de http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4315 privatekrankenversicherungtestsieger.de Sat, 24 Sep 2011 16:45:19 +0000 http://blog.bodhizazen.net/?p=227#comment-4315 Unterschaetzt bei weitem nicht die technischen Errungenschaften des menschlichen Geistes! Darueber hinaus zensiert flink weiter. Unterschaetzt bei weitem nicht die technischen Errungenschaften des menschlichen Geistes! Darueber hinaus zensiert flink weiter.

]]> By: Darrell http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4200 Darrell Sun, 28 Aug 2011 12:50:44 +0000 http://blog.bodhizazen.net/?p=227#comment-4200 Gold star ... thanks! Gold star … thanks!

]]> By: razero http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-4045 razero Tue, 09 Aug 2011 14:21:29 +0000 http://blog.bodhizazen.net/?p=227#comment-4045 you saved me! you saved me!

]]> By: Aron S http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-3966 Aron S Thu, 14 Jul 2011 22:01:06 +0000 http://blog.bodhizazen.net/?p=227#comment-3966 I followed your instructions to the letter and downloaded the CRS from the modsecurity website (link to sourceforge). I had to make one slight modification to apache2.conf, the line that had to say: include conf.d/*.conf, otherwise apache would not restart. Yet I am still getting the ability to list the passwd file, despite the ruleset being there. Can someone help? Aron I followed your instructions to the letter and downloaded the CRS from the modsecurity website (link to sourceforge). I had to make one slight modification to apache2.conf, the line that had to say: include conf.d/*.conf, otherwise apache would not restart.

Yet I am still getting the ability to list the passwd file, despite the ruleset being there.

Can someone help?

Aron

]]> By: bodhi.zazen http://blog.bodhizazen.net/linux/how-to-mod_security-ubuntu-904/comment-page-1/#comment-3704 bodhi.zazen Wed, 15 Jun 2011 14:57:40 +0000 http://blog.bodhizazen.net/?p=227#comment-3704 @Mohan They have been working on a few interfaces for mod_security. See: http://www.modsecurity.org/projects/modprofiler/ @Mohan

They have been working on a few interfaces for mod_security.

See: http://www.modsecurity.org/projects/modprofiler/

]]>