rpm/apache2-mod_security2
SHA256
1
0
Fork 0
forked from pool/apache2-mod_security2
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2-mod_security2?expand=0&rev=2

Browse Source
This commit is contained in:
OBS User unknown 2009-01-23 22:43:58 +00:00 committed by Git OBS Bridge
parent b08c840c20
commit 492d69c20d
3 changed files with 71 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apache2-mod_security2.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Fri Jan 23 16:56:55 CET 2009 - skh@suse.de
- fix broken config [bnc#457200]
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Sep 15 14:05:05 CEST 2008 - skh@suse.de Mon Sep 15 14:05:05 CEST 2008 - skh@suse.de

9
apache2-mod_security2.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package apache2-mod_security2 (Version 2.5.6) # spec file for package apache2-mod_security2 (Version 2.5.6)
# #
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -20,7 +20,7 @@
Name: apache2-mod_security2 Name: apache2-mod_security2
Version: 2.5.6 Version: 2.5.6
Release: 1 Release: 2
# #
License: GPL v2 only; GPLv2 with some FLOSS linking exceptions License: GPL v2 only; GPLv2 with some FLOSS linking exceptions
Group: Productivity/Networking/Web/Servers Group: Productivity/Networking/Web/Servers
@ -39,6 +39,7 @@ Requires: apache2 %{apache_mmn}
# #
Url: http://www.modsecurity.org/ Url: http://www.modsecurity.org/
Source: http://www.modsecurity.org/download/%{tarballname}.tar.gz Source: http://www.modsecurity.org/download/%{tarballname}.tar.gz
Source1: mod_security2.conf
# #
Summary: ModSecurity Open Source Web Application Firewall Summary: ModSecurity Open Source Web Application Firewall
@ -65,7 +66,7 @@ pushd %{apache}
install -d -m 0755 %{buildroot}%{apache_libexecdir} install -d -m 0755 %{buildroot}%{apache_libexecdir}
install .libs/mod_security2.so %{buildroot}%{apache_libexecdir}/%{modname}.so install .libs/mod_security2.so %{buildroot}%{apache_libexecdir}/%{modname}.so
popd popd
install -D -m 0644 modsecurity.conf-minimal %{buildroot}%{apache_sysconfdir}/conf.d/%{modname}.conf install -D -m 0644 %{SOURCE1} %{buildroot}%{apache_sysconfdir}/conf.d/%{modname}.conf
%clean %clean
%{__rm} -rf %{buildroot}; %{__rm} -rf %{buildroot};
@ -79,6 +80,8 @@ install -D -m 0644 modsecurity.conf-minimal %{buildroot}%{apache_sysconfdir}/con
%doc tools rules %doc tools rules
%changelog %changelog
* Fri Jan 23 2009 skh@suse.de
- fix broken config [bnc#457200]
* Mon Sep 15 2008 skh@suse.de * Mon Sep 15 2008 skh@suse.de
- update to version 2.5.6 - update to version 2.5.6
- initial submit to FACTORY - initial submit to FACTORY

60
mod_security2.conf Normal file
View File

@ -0,0 +1,60 @@
<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off
# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0
# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log
# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072
# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072
# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288
# Verify that we've correctly processed the request body.
# As a rule of thumb, when failing to process a request body
# you should reject the request (when deployed in blocking mode)
# or log a high-severity alert (when deployed in detection-only mode).
SecRule REQBODY_PROCESSOR_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,msg:'Failed to parse request body.',severity:2"
# By default be strict with what we accept in the multipart/form-data
# request body. If the rule below proves to be too strict for your
# environment consider changing it to detection-only. You are encouraged
# _not_ to remove it altogether.
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,msg:'Multipart request body \
failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_SEMICOLON_MISSING}'"
# Did we see anything that might be a boundary?
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
"phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
</IfModule>