mod_security best rules

W

webstyler

Well-Known Member
Nov 20, 2003
480
3
168
Hello

after mod_security installation throught easyapache the rules configuration is empty

so, what think is good rules to download and set for hosting server ?

On other server a sysadmin have set in WHM > modesecurity config :

<IfModule mod_security2.c>
Include /usr/local/apache/conf/rul_modsec/*.conf
</IfModule>

any suggest about this or other rules project ?

Thanks
 
W

webstyler

Well-Known Member
Nov 20, 2003
480
3
168
Hello

We have installed rules

File modsec2.user.conf is ok:

Include /usr/local/apache/modsecurity.d/*asl*.conf
Include /usr/local/apache/modsecurity.d/exclude.conf

BUT there is nothing filtered on more than 10 days.. impossible

How we can make simple test ?

We have already restart apache, all works fine except mod_security :(

any suggest ?

Thanks
 
W

webstyler

Well-Known Member
Nov 20, 2003
480
3
168
uhm..

only 1 row and with
.. "GET /robots.txt HTTP/1.1" 500 67 ..

nothing other :/
 
Last edited:
I

Infopro

Well-Known Member
May 20, 2003
17,075
524
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
webstyler said:
we have check the mysql table of modsec and is empty :(
Click to expand...
Assuming there is some sort of configuration issue with your added rulesets, try this to see if we can get you going at least.

In WHM, very bottom of left menu find Mod Security and click.
Top of the page that opens, there should be a button here titled Edit Config, click it.
Next page you should see some links at top. Is the box below empty? At top of page click Default Configuration and automagically fill the box.

Now Click Save Configuration. Restart Apache for good measure.
 
W

webstyler

Well-Known Member
Nov 20, 2003
480
3
168
Infopro said:
Assuming there is some sort of configuration issue with your added rulesets, try this to see if we can get you going at least.

In WHM, very bottom of left menu find Mod Security and click.
Top of the page that opens, there should be a button here titled Edit Config, click it.
Next page you should see some links at top. Is the box below empty? At top of page click Default Configuration and automagically fill the box.

Now Click Save Configuration. Restart Apache for good measure.
Click to expand...

WHM Config have value of modsec2.user :

Include /usr/local/apache/modsecurity.d/*asl*.conf
Include /usr/local/apache/modsecurity.d/exclude.conf
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
K Mod_security and scan of port 443 Security 9
J deciphering mod_security logs Security 9
S In Progress EA-10889 - mod_security disabled by default? Why? Security 9
C Mod_Security rules for Joomla login failures Security 2
7 Mod_Security Block Time and CSF Security 4
Similar threads
Mod_security and scan of port 443
deciphering mod_security logs
In Progress EA-10889 - mod_security disabled by default? Why?
Mod_Security rules for Joomla login failures
Mod_Security Block Time and CSF
Top Bottom