Question about mod_security


SlAiD
09-11-2005, 05:44 AM
hi,

I don't have mod_security because it creates some problems with many CMSes.

But I need to know if I can add some lines in httpd.conf from this file: http://modsecrules.monkeydev.org/rules.php?safety=aggressive
Or this file: http://modsecrules.monkeydev.org/rules.php?safety=experimental

For example:

# Rule ID: 14
# Safety: Safe
#
#
# Only accept request encodings we know how to handle
# we exclude GET/HEAD requests from this because some (automated)
# clients supply "text/html" as Content-Type

SecFilterSelective REQUEST_METHOD "!^(GET|HEAD)$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"





If I can, how do I add it? How do I find httpd.conf, and above "what" do I put this?


Stay cool,
[]'s
Rui
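
Added example (not part of the original thread, and not mod_security code): a Python emulation of the chained logic in Rule ID 14 above, run over constructed requests to show which ones trigger it. It assumes an absent Content-Type is compared as an empty string and that a match fires whatever default action the server is configured with; `rule14_matches`, `evaluate` and `SAMPLES` are names invented here.

```python
import re

# Patterns copied from Rule ID 14 in the post above. mod_security 1.x applies
# them as unanchored searches; a leading "!" inverts the result.
METHOD_RE = re.compile(r"^(GET|HEAD)$")
CTYPE_RE = re.compile(
    r"(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
)


def rule14_matches(method, content_type):
    """Return True when both chained filters match, i.e. the rule fires.

    Assumption: a missing Content-Type header is compared as an empty string,
    which is what the "^$" alternative in the rule is there to allow.
    """
    first = METHOD_RE.search(method) is None              # "!^(GET|HEAD)$"
    second = CTYPE_RE.search(content_type or "") is None  # "!(...)"
    return first and second


# Constructed sample requests: (method, Content-Type header or None).
SAMPLES = [
    ("GET", "text/html"),
    ("POST", None),
    ("POST", "application/x-www-form-urlencoded"),
    ("POST", "multipart/form-data; boundary=----x1"),
    ("POST", "application/x-www-form-urlencoded; charset=UTF-8"),
    ("POST", "text/xml"),
    ("PUT", "application/octet-stream"),
]


def evaluate(samples=SAMPLES):
    """Map each sample to 'matched' (rule fires) or 'passed'."""
    return [
        (m, ct, "matched" if rule14_matches(m, ct) else "passed")
        for m, ct in samples
    ]


if __name__ == "__main__":
    for method, ctype, verdict in evaluate():
        print(f"{verdict:8} {method:5} {ctype!r}")
```

The form-encoded POST that carries a `; charset=UTF-8` parameter matches the rule because that alternative is anchored with `$`, while the multipart alternative is not, so a legitimate client sending such a header would be caught.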

elix
09-11-2005, 08:22 AM
try this

cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-mod_sec (makes backup)

pico /usr/local/apache/conf/httpd.conf
hit ctrl+w on your keyboard and search for: AddModule mod_security.c
Then right below it use the right clicker of your mouse to add the mod_security rules (it will paste if they are in the clipboard).

Once that's done, CTRL+X and then put Y and overwrite the file.

service httpd restart

If it doesn't restart you can put back the old config:
cp /etc/httpd/conf/httpd.conf-mod_sec /etc/httpd/conf/httpd.conf
if it asks, hit Y and then overwrite the file.
then do service httpd restart

VM-Steven
09-11-2005, 12:35 PM
You mentioned you do not have mod_security installed; in order to use the rules you need to have it installed. If you create good rules, then you should not have any problems with the CMS.

elix
09-11-2005, 02:37 PM
http://www.eth0.us/mod_security

Guide to install mod_sec.

SlAiD
09-11-2005, 02:40 PM
hi,

I don't want to install mod_security, just searching for a way to add some rules without mod_security.

Thanks anyway.

elix
09-11-2005, 04:01 PM
hi,

I don't want to install mod_security, just searching for a way to add some rules without mod_security.

Thanks anyway.
..................................

How can you add mod_security rules without mod_security installed?

SlAiD
09-11-2005, 04:07 PM
Yes, that is my original idea.
Some rules are good, others bad.

Zaf
09-11-2005, 04:40 PM
Have a look at this site http://modsecrules.monkeydev.org/index.php
In fact, I'm sure you can be selective about your rules, and select exactly those rules that you want to run and forget the rest. I guess the above site will help quite a bit in the selection of rules too.

charles
09-11-2005, 05:13 PM
Rui

To be clear, what everyone is telling you is that you need to install mod_security, then tune the rules to your liking. You don't need to use any rules you don't want.

hth
charles

elix
09-11-2005, 06:00 PM
Yes, that is my original idea.
Some rules are good, others bad.
You don't need to use the rules that are placed on eth0's site. You can select whatever rules you want.