ich hab mir mod security installiert auf meinem Strato Rootie mit suse 9.3
ich hab mir eine security.conf in /etc/apache2/conf.d angelegt mit folgendem Inhalt :
beim starten des Apache passiert nun folgendes :
wo könnte mein dummer Fehler liegen ? Das Modul ist in etc/apache2/httpd2-prefork.conf eingetragen
Da mauschel ich schon 2 Tage dran rum und kriegs nicht gebacken :-(
ich hab mir eine security.conf in /etc/apache2/conf.d angelegt mit folgendem Inhalt :
Code:
LoadModule security2_module /usr/lib/apache2-prefork/mod_security2.so
<IfModule mod_security2.c>
# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
#SecFilterEngine DynamicOnly
SecFilterEngine On
# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"
# Some sane defaults
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies On
# enable version 1 (RFC 2965) cookies
SecFilterCookieFormat 1
SecServerResponseToken Off
#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"
# Accept almost all byte values
SecFilterForceByteRange 1 255
# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "NOYB"
#SecUploadDir /tmp
#SecUploadKeepFiles Off
# Only record the interesting stuff
SecAuditEngine RelevantOnly
SecAuditLog /var/log/apache2/security/audit_log
# You normally won't need debug logging
SecFilterDebugLevel 0
SecFilterDebugLog /var/log/apache2/security/modsec_debug_log
#And now, the rules
#Remove any of these Include lines you do not use or have rules for.
#First, add in your exclusion rules:
#These MUST come first!
Include /etc/modsecurity/exclude.conf
#Application protection rules
Include /etc/modsecurity/rules.conf
#Comment spam rules
Include /etc/modsecurity/blacklist.conf
#Bad hosts, bad proxies and other bad players
Include /etc/modsecurity/blacklist2.conf
#Bad clients, known bogus useragents and other signs of malware
Include /etc/modsecurity/useragents.conf
#Known bad software, rootkits and other malware
Include /etc/modsecurity/rootkits.conf
#Signatures to prevent proxying through your server
#only rule these rules if your server is NOT a proxy
Include /etc/modsecurity/proxy.conf
#Additional rules for Apache 2.x ONLY! Do not add this line if you use Apache 1.x
Include /etc/modsecurity/apache2-rules.conf
</IfModule>
beim starten des Apache passiert nun folgendes :
Code:
Konnte Apache nicht starten :
Starting httpd2 (prefork) Syntax error on line 1 of /etc/apache2/conf.d/mod_security.conf:
Cannot load /usr/lib/apache2-prefork/mod_security2.so into server: /usr/lib/apache2-prefork/mod_security2.so: undefined symbol: msr_log
The command line was:
/usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf
[1A..failed
wo könnte mein dummer Fehler liegen ? Das Modul ist in etc/apache2/httpd2-prefork.conf eingetragen
Da mauschel ich schon 2 Tage dran rum und kriegs nicht gebacken :-(
Last edited by a moderator: