LinkBack URL
About LinkBacksI am adding another vote to get this updated ASAP!
The current gotroot rules require at least version 2.5.11 for compatibility.
Please dedicate more resources to getting this updated
I am adding another vote to get this updated ASAP!
The current gotroot rules require at least version 2.5.11 for compatibility.
Please dedicate more resources to getting this updated
+1
Considering that the version v2.5.12, and v2.5.11 fixes detection bypass issues as well as v2.5.12 fixing a DoS attack against ModSecurity [1] server admins have enough reasons to have nightmares while relying on v2.5.9. Please update ASAP.
[1] ModSecurity: Open Source Web Application Firewall
Indeed , but we are waiting for months for cPanel to make an update for mod_security ............. speechlessOriginally Posted by thobarn
Why it takes so long for CPanel to have a fix on this?
EasyApache build 5086 provides Mod Security version 2.5.12.
A new Option Library for PCRE is now provided. This is needed to resolve various linking issues. Apache 2.0, 2.2 and all versions of PHP provided by EasyApache were patched to link against this new Option Library ( installed in /opt ). With PHP 4 as provided by EasyApache it is no longer possible to disable PCRE.
Kenneth
Product Manager
cPanel, Inc.
Big thank you!
Friendly Moderator Note
To ensure organized discussion and prevent possible confusion I have forked the mod_security PCRE topic into a new thread, separating it from the original feature request that applied only to a general update for mod_security.
For reference, here is the new thread dedicated to the mod_security PCRE topic: mod_security Rule execution error - PCRE limits exceeded (-8): (null). - cPanel Forums
cPResources: Submit a Support Request - Submit a Bug Report - Review existing Tickets-- Donald cPanelDon Holl - Analyst, cPanel Quality Assurance
Feature Request Implemented - Completed
This feature request is resolved with the implementation of the requested update for mod_security to the latest version at the time of writing, that of mod_security version 2.5.12 for Apache versions 2.x. To ensure organized discussion with minimal confusion this Feature Request thread is now closed and archived; thank you for your understanding.
If mod_security is currently installed and you only wish to update it, you may run EasyApache using the last saved build profile, assuming/provided that it has mod_security enabled, using the following command via root SSH access:
For reference information about using EasyApache, please see the following documentation resources:Code:# /scripts/easyapache --build
Last edited by cPanelDon; 05-14-2010 at 05:45 PM. Reason: Clarification
cPResources: Submit a Support Request - Submit a Bug Report - Review existing Tickets-- Donald cPanelDon Holl - Analyst, cPanel Quality Assurance
