search for: mod_security

Displaying 20 results from an estimated 41 matches for "mod_security".

2009 Apr 24
4
repository for mod_security
I want to add mod_security to my Apache server running CentOS 5.3 and am trying to find a repository to get it from. I found it in EPEL, but they have version 2.1.7, which is over a year old according to what I found on the modsecurity.org website. Is there a repository which is keeping this up to date? Or should I just b...
2005 Apr 14
1
OT mod_security
Hi guys, I've planning out my upgrade to CentOS4 and one of my plans for security is to implement the mod_security apache module to filter out unwanted malicious intent. Not having used it before, I wanted to see if anyone here has implemented it and did it block any legit traffic or cause resource traffic/serious slowdowns of their systems? I've asked on the forum about secure virtual hosting and have...
2017 Jul 16
1
Getting started with mod_security
Hi, I'm currently fiddling with mod_security, and before going any further, I simply wanted to ask here for any recommended documentation/tutorials on the subject. There seems to be a lot of information about mod_security out there, and right now I have a bit of a hard time wrapping my head around it. I'm grateful for any suggestions. C...
2008 Jun 10
0
mod_security
I've set up a CentOS 5 system as a server for http installs. Currently up-to-date with httpd-2.2.3-11.el5_1.centos.3 mod_security-2.1.7-1.el5 my installs were failing just after the root password set up, before software selection. I tracked it down to a server error 500 and it was due to mod_security claiming the comps.xml file was too big The error: [Tue Jun 10 09:59:01 2008] [error] [client XXX.XXX.XXX.XXX] ModSecu...
2009 Dec 15
2
mod_security
I installed mod_security yesterday. Unbelievable the amount of crap it will stop in 24 hrs. Picked up the rpm at http://rpm.pbone.net This should be made part of the CentOS extra, contribs or whatever!!
2007 Nov 20
1
openntp, mod_deflate, and mod_security CentOS5 rpms?
Hello, Has anyone made any of the above in to CentOS5 rpms? I've googled and not found any CentOS5 rpms and was wondering before I attempt to make them, was wondering if anyone else had any of them? Thanks. Dave.
2014 Jun 17
3
RFE: dnsbl-support for dovecot
after having my own dnsbl fed by a honeypot and even mod_security supports it for webservers i think dovecot should support the same to prevent dictionary attacks from known bad hosts, in our case that blacklist is 100% trustable and blocks before SMTP-Auth while normal RBL's are after SASL i admit that i am not a C/C++-programmer, but i think doing the DNS r...
2008 Jun 13
1
String "fwrite();" causes 503 error (Passenger or apache?)
Hi, While testing a rails application on DreamHost (mod_rails), I found a really weird problem. If I submit form data which includes "fwrite();" (with semi-colon but without quotes), I get 503 error (Server temporarily unavailable). I checked out rails log file and it didn't even reach the rails app. I assume the error was from web server. You may test this at
2010 Jan 11
2
Securing http authentication from brute force attacks
...ttacks against some of these services which have been dealt with for the nonce by changes to iptables. However, I am not convinced that these changes are the answer. Therefore I have been looking at http protection and have run across a few independently provided modules for Apache http security, mod_security being one of them. I would like the opinion of other CentOS sysadmins who already have faced this same problem, with respect to the solutions available and those that they choose for themselves. Sincerely, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne...
2006 Feb 04
1
Recommendations for securing a webserver
Hello, We're migrating a webserver from RedHat 7.x to CentOS 4.2. In the process, we'd like to improve security. We're currently planning on making sure SELinux is enabled, mounting the /tmp partition noexec, and running PHP in safe mode, hide_errors on, register_globals off by default. vsftpd is set to chroot logins. I've seen Apache run inside a chroot jail, but that
2009 Jul 27
4
What's the configure specs for the generic Apache install of CentOS x86_64 5.3?
I'm trying to install apache 2.2.x from a tarball. And it works. But I'm also trying to install modsecure, and I can't get that to work. It might help to know what CentOS uses to install Apache when doing the ./configure. === Al
2006 Mar 02
9
FastCGI vs. Simple CGI
I've seen several postings where FastCGI is being used with RoR projects, yet, most of the material I've read (Dave Thomas' book, online articles, etc) recommend not using FastCGI anymore because it is a dormant project and hasn't been updated since 2003 (I think???). So, I went out and got Simple CGI instead. It had to be compiled and installed from
2013 Mar 06
4
Apache attacks - you can't stop them, or can you?
So I have this nice, simple web server up running. Its purpose is to allow me external testing with HIP, and to provide some files for external distribution. Of course, there it is sitting on port 80 and the attacks are coming in per logwatch report. Examples from the report include: Requests with error response codes 404 Not Found //phpMyAdmin-2.5.1/scripts/setup.php: 1
2017 Sep 19
3
[Gluster-infra] lists.gluster.org issues this weekend
...ists. > > We're looking at banning the spam IP addresses from being able to hit > the > web interface at all. When we have a working alternative, we will > look at > removing the current ban of using + in address. So we have an alternative in place, I pushed a blacklist using mod_security and a few DNS blacklist: https://github.com/gluster/gluster.org_ansible_configuration/commit/2f4c1b8feeae16e1d0b7d6073822a6786ed21dde > Apologies for the outage and a big shout out to Michael for taking > time out > of his weekend to debug and fix the issue. Well, you can thanks the...
2020 Jun 18
5
Can't access Squirrelmail on Centos 8
Good evening, I have not been able to run the http://ip-addr/src/configtest.php script, nor access Squirrelmail. Looking for suggestions on what I might have missed. When I try either http://ip-... or https://ip-..., I get the following reply Forbidden You don't have permission to access /webmail/src/configtest.php on this server. I got squirrelmail installed in /usr/share/squirrelmail and
2011 Mar 10
1
Can anyone help me understand Apache Errors?
...off by default, but is there a way to "play games" with those that attempt a proxy connection? Like a ReWrite rule or some sort? For the 404's, Obviously these don't exist, but robots.txt so I am not sure why that has a 404. What are 406 errors? Some Googling say they are due to mod_security issues and that an .htaccess fix can turn it off. But I don't understand the issue and the solution to be honest. What am I missing? -Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110310/8f47c87...
2006 Jul 31
1
Starting backgroundrb from rails and restarting with rails
Hi, I have my rails sites tricked out with capistrano, and backgroundrb, so I can easily use the ant tasks, but I would like to be able to start and stop backgroundrb from within rails. I have a few reasons for this: 1. Using fastcgi, backgroundrb would start under the apache user and the same mod_security context as apache, instead of my developer account which has many more privileges. 2. I'd like rails to be able to start backgroundrb if it isn't running. 3. I'd also like rails to be able to restart backgroundrb if rails itself has been restarted. 4. I'm lazy. ;)...
2017 Sep 22
0
[Gluster-infra] lists.gluster.org issues this weekend
...e looking at banning the spam IP addresses from being able to hit >> the >> web interface at all. When we have a working alternative, we will >> look at >> removing the current ban of using + in address. > So we have an alternative in place, I pushed a blacklist using > mod_security and a few DNS blacklist: > https://github.com/gluster/gluster.org_ansible_configuration/commit/2f4c1b8feeae16e1d0b7d6073822a6786ed21dde > > > > >> Apologies for the outage and a big shout out to Michael for taking >> time out >> of his weekend to debug and fix...
2012 Feb 19
1
Please may you help me setup VPS
...sword as well. - disable root remotely access. - use secure connection to the VPS by using PUTTY key instead of username and password login . - change the port to a high one with unusual figure like 26127 or any else - disable ftp and use another secure one. - install a fire wall, CSF firewall and Mod_security or anything else equal or more. - keep the whole thing up-to-date. - secure the whole VPS as much as possible. - finally use a trusted script on the website and his why I will use Drupal (mostly the core ones and nothing else without any modules). This is what I've got so far from reading ma...
2006 Feb 10
3
robots.txt best practices
I'd been ignoring this error message in my log for a while: ActionController::RoutingError (Recognition failed for "/robots.txt"): I had never touched robots.txt. So I decided to make it a proper robots.txt file I found this great article... http://www.ilovejackdaniels.com/seo/robots-txt-file/ ...where Dave explains the ins and outs of the file. Before I changed mine, I