HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   [PROBLEM] Howto install/update modsecurity2 with ispconfig3 for IDA (http://www.howtoforge.com/forums/showthread.php?t=60272)

aibara 20th January 2013 02:36

[PROBLEM] Howto install/update modsecurity2 with ispconfig3 for IDA
 
Hi,

I'm actually using the modsecurity from this tutorial made by Till.
http://www.faqforge.com/category/lin...ls/ispconfig3/

The tutorial works great :D, and i am very happy with my new implementation.

My problem is very simple, and i know how to solve this.
https://www.modsecurity.org/tracker/browse/MODSEC-288
As explained on the link, there's a bug with {unique_id} variable, what i need is something like :

In file : modsecurity_crs_10_config.conf (main modsecurity config file)
SecDefaultAction "phase:2,log,redirect:http://blabla.com/security/hack.php?ip=%{remote_addr}&regla=%{rule.msg}&id=%{ UNIQUE_ID}"

I need UNIQUE_ID to manage a future script to ban bad requests using iptables.

But when the redirect happens, no unique_id appears.
The bugtracker says that its fixed in 2.7.0, so thats why i need to update.

I have already tried a lot of tutorials, and any of them work.

Dunno what to do now, i'm a little lost.
I Hope someone can help me with this and first of all, thanks for helping.

aibara 21st January 2013 01:01

Okey, i'm now running modsecurity 2 with owasp 2.7.1 Rules.

For those who want to protect their servers against WEB attacks on a Debian Squeeze read the following Manuals.

First (remember to change the paths in some commands, CHECK IT)
https://github.com/SpiderLabs/ModSec...ion_for_Apache

Second, download and install (follow INSTALL file inside the .tar) the rule set from
https://www.owasp.org/index.php/Cate...le_Set_Project

Third (Optional) - Bann Attackers with iptables
http://spamcleaner.org/en/misc/modsec2ipt.html


All times are GMT +2. The time now is 22:18.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.