Version vom 12. August 2015, 11:30 Uhr

Update of ModSec Rules

1. Download from https://waf.comodo.com/user/cwaf_revisions

2. Go to a temporary (or your own) directory:

mkdir cwaf_rules_<ver>
cd cwaf_rules_<ver>
tar xvzf ../tar xvzf ../cwaf_rules-<ver>.tgz

3. Change rules with mentioned IDs within those files:

02_Global_Agents.conf:
210830

07_XSS_XSS.conf:
212660
212510
212540
212750
213020
212800

25_Apps_Joomla.conf:
220240

31_Apps_OtherApps.conf:
222131

20_Outgoing_FilterInFrame.conf:
214530

21_Outgoing_FiltersEnd.conf:
214940

16_Outgoing_FilterPHP.conf:
214420

28_Apps_WPPlugin.conf:
226680

4. Change standard error code (because fail2ban watches for this status code for modsec action):

sed -i 's|status:403|status:510|g' *

@@ Zeile 1: / Zeile 1: @@
 = Update of ModSec Rules =
-# Download from https://waf.comodo.com/user/cwaf_revisions
+. Download from https://waf.comodo.com/user/cwaf_revisions
-# Im eigenem Verzeichnis (Kürzel):
+. Go to a temporary (or your own) directory:
 <pre>
 mkdir cwaf_rules_<ver>
@@ Zeile 10: / Zeile 10: @@
 </pre>
-# Regeln mit diesen IDs in folgenden Dateien Anpassen:
+. Change rules with mentioned IDs within those files:
 <pre>
 _Global_Agents.conf:
@@ Zeile 43: / Zeile 42: @@
 </pre>
-# Danach die Standard-Fehlermeldungen anpassen (damit die richtige fail2ban Aktion auslöst wird):
+. Change standard error code (because fail2ban watches for this status code for modsec action):
 <pre>
 sed -i 's|status:403|status:510|g' *
-</pre>
 </pre>

ModSec Rules - Update

Version vom 12. August 2015, 11:30 Uhr

Update of ModSec Rules

Meine Werkzeuge

Namensräume

Varianten

Ansichten

Aktionen

Suche

Navigation

Werkzeuge