ModSec Rules - Update
Aus HS Syswiki
(Unterschied zwischen Versionen)
Mrh (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „= Update of ModSec Rules = # Download from https://waf.comodo.com/user/cwaf_revisions # Im eigenem Verzeichnis (Kürzel): <pre> mkdir cwaf_rules_<ver> cd c…“) |
Mrh (Diskussion | Beiträge) |
||
Zeile 1: | Zeile 1: | ||
= Update of ModSec Rules = | = Update of ModSec Rules = | ||
− | + | 1. Download from https://waf.comodo.com/user/cwaf_revisions | |
− | + | 2. Go to a temporary (or your own) directory: | |
<pre> | <pre> | ||
mkdir cwaf_rules_<ver> | mkdir cwaf_rules_<ver> | ||
Zeile 10: | Zeile 10: | ||
</pre> | </pre> | ||
− | + | 3. Change rules with mentioned IDs within those files: | |
− | + | ||
<pre> | <pre> | ||
02_Global_Agents.conf: | 02_Global_Agents.conf: | ||
Zeile 43: | Zeile 42: | ||
</pre> | </pre> | ||
− | + | 4. Change standard error code (because fail2ban watches for this status code for modsec action): | |
<pre> | <pre> | ||
sed -i 's|status:403|status:510|g' * | sed -i 's|status:403|status:510|g' * | ||
− | |||
− | |||
</pre> | </pre> |
Version vom 12. August 2015, 11:30 Uhr
Update of ModSec Rules
1. Download from https://waf.comodo.com/user/cwaf_revisions
2. Go to a temporary (or your own) directory:
mkdir cwaf_rules_<ver> cd cwaf_rules_<ver> tar xvzf ../tar xvzf ../cwaf_rules-<ver>.tgz
3. Change rules with mentioned IDs within those files:
02_Global_Agents.conf: 210830 07_XSS_XSS.conf: 212660 212510 212540 212750 213020 212800 25_Apps_Joomla.conf: 220240 31_Apps_OtherApps.conf: 222131 20_Outgoing_FilterInFrame.conf: 214530 21_Outgoing_FiltersEnd.conf: 214940 16_Outgoing_FilterPHP.conf: 214420 28_Apps_WPPlugin.conf: 226680
4. Change standard error code (because fail2ban watches for this status code for modsec action):
sed -i 's|status:403|status:510|g' *