similar to: mod_security

I want to add mod_security to my Apache server running CentOS 5.3 and am trying to find a repository to get it from. I found it in EPEL, but they have version 2.1.7, which is over a year old according to what I found on the modsecurity.org website. Is there a repository which is keeping this up to date? Or should I just build it from source? -- Bowie

after having my own dnsbl feeded by a honeypot and even mod_security supports it for webservers i think dovecot sould support the same to prevent dictionary attacks from known bad hosts, in our case that blacklist is 100% trustable and blocks before SMTP-Auth while normal RBL's are after SASL i admit that i am not a C/C++-programmer, but i think doing the DNS request and in case it has a

Hi guys, I've planning out my upgrade to CentOS4 and one of my plans for security is to impliment the mod_security apache module to filter out unwanted malicious intent. Not having used it before, I wanted to see if anyone here has implimented it and did it block any legit traffic or cause resource traffic/serious slowdowns of their systems? I've asked on the forum about secure

Hi, I'm currently fiddling with mod_security, and before going any further, I simply wanted to ask here for any recommended documentation/tutorials on the subject. There seems to be a lot of information about mod_security out there, and right now I have a bit of a hard time wrapping my head around it. I'm grateful for any suggestions. Cheers, Niki Kovacs -- Microlinux - Solutions

I installed mod_security yesterday. Unbelievable the amount of crap it will stop in 24 hrs. Picked up the rpm at http://rpm.pbone.net This should be made part of the CentOS extra, contribs or whatever!!

Hello, Has anyone made any of the above in to CentOS5 rpms? I've googled and not found any CentOS5 rpms and was wondering before i atempt to make them, was wondering if anyone else had any of them? Thanks. Dave.

hello all: I want to install ModSecurity v2.5.4 in my system. I do the following setup to install the lua tar -xzvf lua-5.1.3.tar.gz cd lua-5.1.3/src make linux cd .. make install The ModSecurity ask me to add "LoadFile /usr/lib/liblua5.1.so" to the http.conf,but there is no liblua5.1.so in /usr/lib. I have search it and i didn't find the solution. Can any one tell me why

I'm trying to install apache 2.2.x from a tarball. And it works. But I'm also trying to install modsecure, and I can't get that to work. It might help to know what CentOS uses to install Apache when doing the ./configure. === Al

Hi guys, I''m doing some hackish stuff with manually installing RPMs. Basically I''m pulling them down to /tmp and installing them using provider => rpm, then making the service check that the package is installed before it''ll start. Here are the relevant sections of the pp file: class tomcat inherits httpd { $tomcat_connectors_pkg = $architecture ? {

We have several web applications deployed under Apache that require a user id / password authentication. Some of these use htdigest and others use the application itself. Recently we have experienced several brute force attacks against some of these services which have been dealt with for the nonce by changes to iptables. However, I am not convinced that these changes are the answer. Therefore

Hi. I've got a new Centos 5.1 x86-64 server that uses PHP to communicate with MySQL5. On this server, PHP/Mysql connections are dead slow and unresponsive. It takes sometimes up to a minute to list tables in phpmyadmin for example. I've verified on the server that the issue has to be PHP/Mysql related. If I use a CGI based Mysql admin tool, communication is fast and there are no delays.

LogWatch reports items like: Connection attempts using mod_proxy: 83.167.123.83 -> 205.188.251.1:443: 1 Time(s) 83.167.123.83 -> 64.12.202.36:443: 2 Time(s) Requests with error response codes 403 Forbidden 205.188.251.1:443: 1 Time(s) 64.12.202.36:443: 2 Time(s) 404 Not Found //jmx-console/HtmlAdaptor: 1 Time(s) /VINT_1984_THINK_DIFFERENT: 1 Time(s)

Hi, I have my rails sites tricked out with capistrano, and backgroundrb, so I can easily use the ant tasks, but I would like to be able to start and stop backgroundrb from within rails. I have a few reasons for this: 1. Using fastcgi, backgroundrb would start under the apache user and the same mod_security context as apache, instead of my developer account which has many more privileges. 2.

Hello, Are our servers still facing the overload issue? My replies to gluster-users ML are not getting delivered to the list. Regards, Ravi On 09/19/2017 10:03 PM, Michael Scherer wrote: > Le samedi 16 septembre 2017 ? 20:48 +0530, Nigel Babu a ?crit?: >> Hello folks, >> >> We have discovered that for the last few weeks our mailman server was >> used >> for a

So I have this nice, simple web server up running. Its purpose is to allow me external testing with HIP, and to provide some files for external distribution. Of course, there it is sitting on port 80 and the attacks are coming in per logwatch report. Examples from the report include: Requests with error response codes 404 Not Found //phpMyAdmin-2.5.1/scripts/setup.php: 1

I am new to Linux so I do not have any special preferences. Yes I have a root access and the VPS is un managed. I am newbie to the Linux world. I will have a new website or maybe 3. I've found that un managed costs vary a lot, as I've found various ways for settings ... some using Xen, others using OpenVZ, and other using Virtuozzo and I found that it all vary regarding Ram allocations

Le samedi 16 septembre 2017 ? 20:48 +0530, Nigel Babu a ?crit?: > Hello folks, > > We have discovered that for the last few weeks our mailman server was > used > for a spam attack. The attacker would make use of the + feature > offered by > gmail and hotmail. If you send an email to example at hotmail.com, > example+foo at hotmail.com, example+bar at hotmail.com, it goes

Jay Hart writes: > Good evening, > > I have not able able to run the http://ip-addr/src/configtest.php script, nor access Squirrelmail. Looking for suggestions on what I might > have missed. When I try either http://ip-... or https://ip-..., I get the following reply > > Forbidden You don't have permission to access /webmail/src/configtest.php on this server.

Hello all, For the last couple of days I was trying to get my Apache/mod_proxy/mongrel setup to limit the size of the request body. The setup is as follows: 1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy 2.) Requests for non-static files are passed on to a mongrel_cluster 3.) We use mongrel for our Ruby on Rails application Note that due to some restrictions we are

Hello, I have read and seen many options for additions to Iptables as a firewall and security system. All seem to react to logs and not to incoming packets (as far as I have seen) I am interested in doing a number of security ideas to the firewall, iptables, on my webserver. If you have a program you would suggest or believe iptables is the proper solution, please feel free to post that. Here