search for: modsecurity

I'm trying to install apache 2.2.x from a tarball. And it works. But I'm also trying to install modsecure, and I can't get that to work. It might help to know what CentOS uses to install Apache when doing the ./configure. === Al

hello all: I want to install ModSecurity v2.5.4 in my system. I do the following setup to install the lua tar -xzvf lua-5.1.3.tar.gz cd lua-5.1.3/src make linux cd .. make install The ModSecurity ask me to add "LoadFile /usr/lib/liblua5.1.so" to the http.conf,but there is no liblua5.1.so in /usr/lib. I have search it and i...

I want to add mod_security to my Apache server running CentOS 5.3 and am trying to find a repository to get it from. I found it in EPEL, but they have version 2.1.7, which is over a year old according to what I found on the modsecurity.org website. Is there a repository which is keeping this up to date? Or should I just build it from source? -- Bowie

....2.25-1.i386.rpm]/ensure: change from absent to present failed: Execution of ''/bin/rpm -i --oldpackage /tmp/tomcat-connectors-1.2.25-1.i386.rpm'' returned 256: package tomcat-connectors-1.2.25-1 is already installed err: //puppetclient/cfsandbox.corp.localmatters.com/webapp/modsecurity/Package[modsecurity-apache2-2.1.4-1.i386.rpm]/ensure: change from absent to present failed: Execution of ''/bin/rpm -i --oldpackage /tmp/modsecurity-apache2-2.1.4-1.i386.rpm'' returned 256: package modsecurity-apache2-2.1.4-1 is already installed notice: //puppetclient/cfsan...

...rbldnsd with the sources is quite easy and in case of a own, trustable RBL where no foreigners report somebody by mistake it's relieable and scales well over many machines and services as long services supporting it mod_security: http://blog.inliniac.net/2007/02/23/blocking-comment-spam-using-modsecurity-and-realtime-blacklists/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 246 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20140617/5390021d/attachment.sig>

WE have a centos 5.3 install, and our server is keep getting hacked. We see load averages of 500+ and see people from all over the world logging into our server (used last). Is there a good place to start to avoid these kinds of things? For example, here is what I already did. Open up sshd port only setup iptables to only accept port 80 and 22 No FTP No other ports are allowed according to IP

...ometimes up to a minute to list tables in phpmyadmin for example. I've verified on the server that the issue has to be PHP/Mysql related. If I use a CGI based Mysql admin tool, communication is fast and there are no delays. The server is Xeon based and has 4GB of RAM. SElinux is enabled, and ModSecurity for Apache too. Disabling these two does not help. SElinux allows Apache to network connect. Some php.ini settings: =============================== safe_mode = On max_execution_time = 60 max_input_time = 60 memory_limit = 128M open_basedir is active, and there are no conflicts. disable_functions...

* Apologies for starting a new thread; I just subscribed. Has anyone been able to make this exploit happen if requests are being proxied to Mongrel through Apache? I''ve been trying variations on the double-encoding thing and can''t trigger the exploit through Apache. Hitting Mongrel directly does expose the problem. I''ll still upgrade my servers, of course, but I

Hello all, For the last couple of days I was trying to get my Apache/mod_proxy/mongrel setup to limit the size of the request body. The setup is as follows: 1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy 2.) Requests for non-static files are passed on to a mongrel_cluster 3.) We use mongrel for our Ruby on Rails application Note that due to some restrictions we are

Hello, Has anyone made any of the above in to CentOS5 rpms? I've googled and not found any CentOS5 rpms and was wondering before i atempt to make them, was wondering if anyone else had any of them? Thanks. Dave.

...ecurity-2.1.7-1.el5 my installs were failing just after the root password set up, before software selection. I tracked it down to a server error 500 and it was due to mod_security claiming the comps.xml file was too big The error: [Tue Jun 10 09:59:01 2008] [error] [client XXX.XXX.XXX.XXX] ModSecurity: Output filter: Content-Length (934390) over the limit (524288). [hostname "XXX.XXX"] [uri "/install/centos/5/x86_64/ repodata/comps.xml"] [unique_id "VJNb-4inMQIAACd0XcwAAAAA"] This is set in /etc/httpd/mod_security.d/modsecurity_crs_10_config.conf SecResponseBo...

Hi, Some time ago one of my public servers (running Slackware64 14.0) got attacked and was misused to send phishing emails. This misadventure made me more concerned about security, so I spent the last few weeks catching up on security, reading docs about SELinux and how to use it, etc. I have a public sandbox server running CentOS 7, and I'm currently experimenting quite a lot with Apache

Hello and good day, i have setup a Server which is directly connected to the Internet, without NAT-Router or other Firewall Appliance. I am using FreeBSD 6.2. I have pf enabled to only allow traffic on specified Ports. I am using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There is only one /home/User, which authenticates via a Key with Pass- phrase to sshd. The

Hello, I have read and seen many options for additions to Iptables as a firewall and security system. All seem to react to logs and not to incoming packets (as far as I have seen) I am interested in doing a number of security ideas to the firewall, iptables, on my webserver. If you have a program you would suggest or believe iptables is the proper solution, please feel free to post that. Here

So I have this nice, simple web server up running. Its purpose is to allow me external testing with HIP, and to provide some files for external distribution. Of course, there it is sitting on port 80 and the attacks are coming in per logwatch report. Examples from the report include: Requests with error response codes 404 Not Found //phpMyAdmin-2.5.1/scripts/setup.php: 1

Hi All, I want to know thoughts on if I am being to paranoid/security conscious. CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day. What I am seeing is