#1 atjensen11, 21st March 2009, 17:46
Webalizer and Apache mod_security

I have an Ubuntu 8.04 LTS server that was configured using the HowTo on this site. I also set up and configured Apache mod_security to further protect the webserver.

As part of the HowTo, I installed Webalizer for site statistics. Furthermore, I use basic authentication on the webalizer stats directory.

When users browse to the webalizer domain (http://stats.example.com), they are prompted with the authentication dialog box. The credentials appear to be accepted, but then a 404 error is returned.

So it would appear that DNS is working correctly, the Apache virtual host is working correctly, and the htaccess file is working correctly.

I checked the error logs and saw that mod_security is blocking access and generating the 404 error. The message from mod_security in the log is "Statistics Information Leakage". In this case though, I have provided what I feel is enough security on the directory and don't necessarily need mod_security to provide further access.

Does anyone have a suggestion on how to modify this mod_security rule to allow access to this directory while still protecting others?

Thanks.
#2 falko, 22nd March 2009, 15:59

Can you post your mod_security rules?
#3 wladek, 24th May 2009, 04:32
If anyone has similar problems...

See the debug log of mod_security:
"[/stats/index.html][1] Access denied with code 404 (phase 4). Pattern match "\b(?:Th(?:is (?:summary was generated by.{0,100}?(?:w(?:ebcruncher|wwstat)|analog|Jware) |analysis was produced by.{0,100}?(?:calamaris|EasyStat|analog)|report was generated by WebLog)|ese statistics were produced by (?:getstats|PeLAB))|[gG]enerated by. ..." at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf"] [line "19"] [id "970002"] [msg "Statistics Information Leakage"] [severity "WARNING"]"

(or similar)

Possible solution:

Comment out the following lines in: /path/to/modsecurity_crs_50_outbound.conf

#SecRule RESPONSE_BODY "\b(?:Th(?:is (?:summary was generated by.{0,100}?(?:w(?:ebcruncher|wwstat)|analog|Jware) |analysis was produced by.{0,100}?(?:calamaris|EasyStat|analog)|report was generated by WebLog)|ese statistics were produced by (?:getstats|PeLAB))|[gG]enerated by.{0,100}?[Ww]ebalizer)\b" \
# "phase:4,t:none,ctl:auditLogParts=+E,deny,log,auditlog,status:404,msg:'Statistics Information Leakage',id:'970002',severity:'4'"

then reload Apache.

(Sorry for my bad English...)

Regards:
//:wladek
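Added example, not part of any post in this thread: a way to switch off only rule 970002 for the statistics site, so the outbound rule keeps inspecting responses from every other site. The vhost layout and the DocumentRoot path are assumptions; the ServerName, rule id and /stats path are the ones quoted in the posts above.

```apache
# Added example (not from the thread). Paths are placeholders.
#
# Ordering matters: SecRuleRemoveById only removes rules that have already
# been defined, so the existing Include of modsecurity_crs_50_outbound.conf
# must be processed before this virtual host is read.

<VirtualHost *:80>
    ServerName stats.example.com
    DocumentRoot /path/to/webalizer/output

    # The basic authentication configured in the existing .htaccess file
    # is untouched by this change and keeps guarding the reports.

    <IfModule mod_security2.c>
        # Remove only rule 970002 ("Statistics Information Leakage"),
        # and only for requests handled by this virtual host.
        # All other outbound and inbound rules stay active here,
        # and 970002 itself stays active on every other site.
        <Location />
            SecRuleRemoveById 970002
        </Location>
    </IfModule>
</VirtualHost>

# If the reports are served under a path of a larger site instead, as in
# the /stats/index.html log line from post #3, put the same directive in
# that site's configuration, scoped to the path:
#
#   <Location /stats>
#       SecRuleRemoveById 970002
#   </Location>
```

After reloading Apache, a request to the statistics pages should no longer produce a debug log entry with id "970002", while the same rule still appears for matching responses elsewhere.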