Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Temporary fix for mod_security and XML?

Discussion in 'Security' started by ChadE, Jan 28, 2008.

  1. ChadE

    ChadE Active Member

    Joined:
    Mar 14, 2005
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    156
    I read here: http://forums.cpanel.net/showthread.php?t=74220&highlight=mod_security+XML
    that in a future EA3 release, mod_security 2.1.5 will be compiled with XML support. However, I think I may have found a temporary and workable fix in the meantime. I apologize if this is not allowed.

    This is for Apache 2.2.X

    I downloaded mod_security 2.1.5 and recompiled it with libxml2 and the PCRE headers downloaded by EasyApache.
    (This may vary by configuration. You can use locate srclib/pcre to find the correct path)

    Inside "Makefile", change "top_dir" and "INCLUDES" to state the following:
    Make compiled mod_security fine. As per the install instructions, stop Apache, run make install, do a configtest. Alas, Apache is broken. For XML support to work, you need to include:

    LoadFile /usr/lib/libxml2.so

    HOWEVER, doing this above your other Loadmodules will break Apache when it loads PHP. To fix this, I commented out LoadModule security2_module modules/mod_security2.so, Include "/usr/local/apache/conf/modsec2.conf", and Include "/usr/local/apache/conf/php.conf"

    I placed, in this exact order, the commented lines below "Include /usr/local/apache/conf/php.conf":
    (This may vary by server configuration).


    LoadFile /usr/lib/libxml2.so
    LoadModule security2_module modules/mod_security2.so
    Include "/usr/local/apache/conf/modsec2.conf"


    The core rules (with XML) work perfectly after starting Apache, as well as any custom rules you prefer to use. For tidyness, I just copy the core rules into modsec2.user.conf as well as my custom rules, and include them in modsec2.conf.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice