Re: ModSecurity Debian 8

Tue, 21 Mar 2017 15:55:03 -0700 

Mod-security,

[opinioned]

"Blocks certain words that are normal. Decision to depend on it, depends
on what your Apache server, serves. I run a forum that sometimes has
over ten spambots at once. Running without that piece of art"

However, few, but not so few, 'no likey-likey' Mod security, and I
regret remembering their bias.

Sorry, I can't tell much more then that. Responses to this post I deem
'friendly' [my post that is, not so friendly responses, I have a thick
skin], might trigger my mind. [or won't]

[/opinoned]

-- 
Richard W. 
The Netherlands

Krzysztof Kokot schreef op ma 20-03-2017 om 23:03 [+0100]:
> Hi, 
> 
> 
> I can't help you a lot, in fact the only thing I can do is recommend
> you this
> article: 
> https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_security-with-apache-on-debian-ubuntu.
>  It works for me.
> 
> 
> Cheers,
> Krzysztof Kokot
> 
> 
> 20 mar 2017 19:53 "lann...@runbox.com" <lann...@runbox.com>
> napisaƂ(a):
> 
>         Hi,
>         I have spent about 2 days trying to understand how to setup
>         mod-security on my web server.
>         
>          I choose to rely on packages in the official repo, so if
>         possible I will not compile packages.
>         
>         Is correct to say that I can't have mod-security in nginx?
>         Is mod-security only available in apache2?
>         
>         Then I'm looking for some instruction about installing. There
>         are a lot of outdated material and is difficult to learn the
>         right stuff.
>         
>         
>         Here is what I have typed:
>         
>         
>         apt-get install libcurl3-gnutls liblua5.1-0 libxml2
>         apt-get install libapache2-mod-security2
>         apt-get install modsecuriy-crs
>         sudo
>         mv /etc/modsecurity/modsecurity.conf-recommended 
> /etc/modsecurity/modsecurity.conf
>         sudo nano /etc/modsecurity/modsecurity.conf
>         
>         
>         I have turned on the option SecRuleEngine
>         
>         git clone
>         https://github.com/SpiderLabs/owasp-modsecurity-crs.git
>         
>         
>         Now... my questions are:
>         
>         1) Where I have to put the rules
>         2) Which other config files I have to edit
>         3) How I enable modsecurity on my website
>         4) Do you have sample config file to share?
>         
>         
>         Thanks a lot for your help.
>         
>         Anders. LA.
>         
> 
> 
>

Reply via email to