Displaying 16 results from an estimated 16 matches for "modsecur".
Did you mean:
modsecure
2009 Jul 27
4
What's the configure specs for the generic Apache install of CentOS x86_64 5.3?
I'm trying to install apache 2.2.x from a tarball.
And it works. But I'm also trying to install modsecure, and I can't get that to work.
It might help to know what CentOS uses to install Apache when doing the ./configure.
=== Al
2008 May 27
4
why there is no liblua5.1.so in /usr/lib?
hello all:
I want to install ModSecurity v2.5.4 in my system. I do the following setup to install the lua
tar -xzvf lua-5.1.3.tar.gz
cd lua-5.1.3/src
make linux
cd ..
make install
The ModSecurity ask me to add "LoadFile /usr/lib/liblua5.1.so" to the http.conf,but there is no liblua5.1.so in /usr/lib.
I have search it and...
2009 Apr 24
4
repository for mod_security
I want to add mod_security to my Apache server running CentOS 5.3 and am
trying to find a repository to get it from. I found it in EPEL, but
they have version 2.1.7, which is over a year old according to what I
found on the modsecurity.org website. Is there a repository which is
keeping this up to date? Or should I just build it from source?
--
Bowie
2007 Dec 21
1
RPM-installed packages trying to install every run, causing service to fail
....2.25-1.i386.rpm]/ensure:
change from absent to present failed: Execution of ''/bin/rpm -i
--oldpackage /tmp/tomcat-connectors-1.2.25-1.i386.rpm'' returned 256:
package tomcat-connectors-1.2.25-1 is already installed
err:
//puppetclient/cfsandbox.corp.localmatters.com/webapp/modsecurity/Package[modsecurity-apache2-2.1.4-1.i386.rpm]/ensure:
change from absent to present failed: Execution of ''/bin/rpm -i
--oldpackage /tmp/modsecurity-apache2-2.1.4-1.i386.rpm'' returned 256:
package modsecurity-apache2-2.1.4-1 is already installed
notice:
//puppetclient/cf...
2014 Jun 17
3
RFE: dnsbl-support for dovecot
...rbldnsd with the sources
is quite easy and in case of a own, trustable RBL where
no foreigners report somebody by mistake it's relieable
and scales well over many machines and services as long
services supporting it
mod_security:
http://blog.inliniac.net/2007/02/23/blocking-comment-spam-using-modsecurity-and-realtime-blacklists/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140617/5390021d/attachment.sig&g...
2009 Jun 27
6
server is always getting hacked
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).
Is there a good place to start to avoid these kinds of things?
For example, here is what I already did.
Open up sshd port only
setup iptables to only accept port 80 and 22
No FTP
No other ports are allowed according to IP
2008 Jun 09
2
Help, PHP/Mysql connections are so slow.
...ometimes up to a minute to list tables
in phpmyadmin for example.
I've verified on the server that the
issue has to be PHP/Mysql related. If I use a CGI based Mysql admin
tool, communication is fast and there are no delays.
The server is Xeon based and has 4GB of RAM.
SElinux is enabled, and ModSecurity for Apache too. Disabling these two does not help.
SElinux allows Apache to network connect.
Some php.ini settings:
===============================
safe_mode = On
max_execution_time = 60
max_input_time = 60
memory_limit = 128M
open_basedir is active, and there are no conflicts.
disable_functio...
2007 Dec 29
6
Regarding the 1.1.3 security release
* Apologies for starting a new thread; I just subscribed.
Has anyone been able to make this exploit happen if requests are being
proxied to Mongrel through Apache? I''ve been trying variations on the
double-encoding thing and can''t trigger the exploit through Apache.
Hitting Mongrel directly does expose the problem.
I''ll still upgrade my servers, of course, but I
2009 Jun 12
5
Limit Request Body Size (Disallow very large File-uploads)
Hello all,
For the last couple of days I was trying to get my
Apache/mod_proxy/mongrel setup to limit the size of the request body.
The setup is as follows:
1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy
2.) Requests for non-static files are passed on to a mongrel_cluster
3.) We use mongrel for our Ruby on Rails application
Note that due to some restrictions we are
2007 Nov 20
1
openntp, mod_deflate, and mod_security CentOS5 rpms?
Hello,
Has anyone made any of the above in to CentOS5 rpms? I've googled and
not found any CentOS5 rpms and was wondering before i atempt to make them,
was wondering if anyone else had any of them?
Thanks.
Dave.
2008 Jun 10
0
mod_security
...ecurity-2.1.7-1.el5
my installs were failing just after the root password set up, before
software selection.
I tracked it down to a server error 500 and it was due to
mod_security claiming the comps.xml file was too big
The error:
[Tue Jun 10 09:59:01 2008] [error] [client XXX.XXX.XXX.XXX]
ModSecurity: Output filter: Content-Length (934390) over the limit
(524288). [hostname "XXX.XXX"] [uri "/install/centos/5/x86_64/
repodata/comps.xml"] [unique_id "VJNb-4inMQIAACd0XcwAAAAA"]
This is set in /etc/httpd/mod_security.d/modsecurity_crs_10_config.conf
SecRespons...
2017 Jul 09
2
Hardening Apache on CentOS 7
Hi,
Some time ago one of my public servers (running Slackware64 14.0) got
attacked and was misused to send phishing emails.
This misadventure made me more concerned about security, so I spent the
last few weeks catching up on security, reading docs about SELinux and
how to use it, etc.
I have a public sandbox server running CentOS 7, and I'm currently
experimenting quite a lot with Apache
2007 Feb 23
5
Advice for Internet facing Mailserver
Hello and good day,
i have setup a Server which is directly connected to the Internet,
without NAT-Router or other Firewall Appliance. I am using FreeBSD
6.2. I have pf enabled to only allow traffic on specified Ports. I am
using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There
is only one /home/User, which authenticates via a Key with Pass-
phrase to sshd. The
2010 Aug 10
5
Iptables questions
Hello,
I have read and seen many options for additions to Iptables as a firewall
and security system. All seem to react to logs and not to incoming packets
(as far as I have seen)
I am interested in doing a number of security ideas to the firewall,
iptables, on my webserver. If you have a program you would suggest or
believe iptables is the proper solution, please feel free to post that.
Here
2013 Mar 06
4
Apache attacks - you can't stop them, or can you?
So I have this nice, simple web server up running. Its purpose is to
allow me external testing with HIP, and to provide some files for
external distribution. Of course, there it is sitting on port 80 and
the attacks are coming in per logwatch report. Examples from the report
include:
Requests with error response codes
404 Not Found
//phpMyAdmin-2.5.1/scripts/setup.php: 1
2011 May 08
5
Am I being to paranoid?
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day.
What I am seeing is