PDA

View Full Version : mod_security (first post, i win)

IWorx-Chris
09-03-2004, 02:06 PM
For the sake of getting the first post, I have a tool for the InterWorx-CP suite that some may be interested in. I've made up a SRPM for mod_security, which is a security-minded URL filter of sorts for Apache. We haven't had many requests for this but in the spirit of thinking ahead I thought everyone may want to check it out.

This has been tested on our internal boxes ONLY, and is BETA. YOU HAVE BEEN FOREWARNED!!

Now that that's out of the way it's been working fine on our test boxes so feel free to give it a whirl.

The mod_security homepage is at: http://www.modsecurity.org/.

Install the mod on any interworx-cp box by doing:

rpmbuild --rebuild --with < your arch here > http://updates.interworx.info/iworx/SRPMS/experimental/mod_security-1.8.4-100.iworx.src.rpm
rpm -ivh /usr/redhat/bin/mod_security-1.8.4-100.iworx.rpm

the "< your arch here >" part is where you distro descriptor goes. Here's a list of htem:


RedHat 9 = rht9x
CentOS 3.x = cos3x
Fedora 1 = fdr10
Fedora 2 = fdr20
White Box = whb3x


So, for a redhat 9 box just do:

rpmbuild --rebuild --with rht90 http://updates.interworx.info/iworx/SRPMS/experimental/mod_security-1.8.4-100.iworx.src.rpm
rpm -ivh /usr/redhat/bin/mod_security-1.8.4-100.iworx.rpm

REMEMBER, THIS IS BETA!! USE AT YOUR OWN RISK!!

enjoy ;).

Chris
pascal
09-29-2004, 09:18 AM
Chris,

Just before install it, I'd like to know what do you enter under the <IfModule mod_security.c> in the httpd.conf

Does it update httpd.conf, and/or others /domaine.conf automaticly ?

Pascal
IWorx-Chris
09-29-2004, 03:51 PM
it puts a file in the conf.d directory named security.conf that you can edit to your needs.

Chris
CMI
02-11-2005, 09:55 PM
Chris mentioned you still have mod_security available. What's the latest version you have available? yum doesn't seem to see anything.
CMI
02-11-2005, 10:06 PM
Nevermind. I only see 1.8.4 in the CentOS Binaries.

Going to add 1.8.6? :)
timryberg
02-11-2005, 10:34 PM
I'm sure they will get to it, but I think they're prety busy right now finishing InterWorx 1.9. ;-)
CMI
02-11-2005, 10:39 PM
I'm sure they will get to it, but I think they're prety busy right now finishing InterWorx 1.9. ;-)

Yeah but I'm greedy :) I wouldn't use mod_security at all (and really didn't want to) but I know I'm going to want some of the scrubbing features soo....
IWorx-Chris
02-12-2005, 04:02 PM
Just updated it to 1.8.6:

http://updates.interworx.info/iworx/SRPMS/nexcess/mod_security-1.8.6-1.iworx.src.rpm

Chris
CMI
02-12-2005, 09:35 PM
Thanks :) I'll update now. Still might just stick with mod_rewrite though :)
Ivery
12-30-2005, 02:30 AM
I was curious if there had been any update on the mod_Security project for Iworx? It looks like a good security addition and a worthy addition to a virtual hosted machine in aid of client security.

Any news on it?
IWorx-Chris
12-30-2005, 02:31 AM
It can be added independantly of iworx-cp but isn't "integrated" at this point in time. It may be in the future.

Chris
blahrus
12-30-2005, 09:11 AM
http://centos.karan.org/el4/extras/stable/i386/RPMS/repodata/repoview/mod_security-0-1.9.1-1.el4.kb.html

That's an up to date rpm, and has been working fine for me. (CentOS 4.x)

Then if you like check out http://gotroot.com for a LARGE amount of rules to add.


Thanks,
Clint
paulo
05-29-2007, 10:02 PM
Any x64 rpm, out there ? ;-) ... the install still works the same way for CentOS 4.4 (x64) / iworx 2.1.3 ?

Thanks

Paulo