Running The Complete Mod_sec Ruleset From Gotroot
Apr 13, 2009
I just updated my mod_security rules to version 2 with the new rules from gotroot.com. I simply included them all. I know before with their 1.95 rules I had to sit and delete tons of useless rules as well as having to delete rules that interfered with peoples web apps.
So I figure it may be different with new version. Is anyone here running these rules on a hosting server? Doesn't matter cpanel or whatever, just an average shared server with moistly php/mysql sites.
View 3 Replies
ADVERTISEMENT
Jun 18, 2007
I'm in the process of upgrading from mod_sec v1 to v2. So far apache runs fine, but when I try to test a very basic rule, nothing happens. I've set up the debug log, but it stays at 0 bytes.
View 1 Replies
View Related
Jul 9, 2007
in which case a hacker will know how to get around it, I'm just asking if someone here with a good quality and current ruleset could PM it to me. I want to compare it to my own ruleset and see what I can add to it.
I've just had an annoying exploit recently and I am looking to try to improve my mod_security ruleset,
View 0 Replies
View Related
Oct 20, 2007
where I can find or get the latest, and with better design ruleset for modsecurity? I have one, but it is really old.
View 1 Replies
View Related
Jul 2, 2009
Im using a vps with centos 5 and cpanel/whm with apache 2.2.
Im tring to figure out how to use the gotroot rules with mod_security. I had enabled mod_security with easy apache. I tried to follow some other post had I found around on other forums with no luck really, with that said I am a linux noob. I had tried to follow the wiki on atomic sites <-- not enof post so I cant do links sorry, but I found it hard to under stand cause I dont have a modsecurity.config file that I can find, also I cant find AddModule mod_security.c in my httpd.config, but I did find this line, Include "/usr/local/apache/conf/modsec2.conf". My thing is im looking for a complete noob guide on how to use gotroot rules with mod_security enabled through easy apache, or would it be easyer to manully install mod_security?
View 11 Replies
View Related
Feb 4, 2008
I just wanted to confirm if you guys had the same problem. It seems that mod_security with gotroot rules for apache 1.3 is filtering out firefox. Everything works fine with IE. With the latest firefox I get this for any page requested:
mod_security-message: Access denied with code 500. Pattern match "^GET (http|https|ftp):/" at THE_REQUEST [severity "EMERGENCY"]
View 4 Replies
View Related
Sep 1, 2007
first we have, uname -a
Code:
Linux nsa.nullbytehosting.com 2.6.9-55.plus.c4 #1 Sun May 20 10:11:05 EDT 2007 i686 i686 i386 GNU/Linux
this is centos4.5 I believe.
and I have 5 ip addresses.
208.110.67.101 at eth0:0
208.110.67.114 at eth0:1
208.110.67.115 at eth0:2
208.110.67.116 at eth0:3
208.110.67.117 at eth0:4
my problem.
I cannot seem to get my dns working properly.
I am pointing my domain of nullbytehosting.com to ns1.nullbytehosting.com and ns2.nullbytehosting.com and of course , iuse godaddy, and ive configured that part properly.
Ive recently stopped using any control panel software, and started using ssh only.
I can access ns1 and ns2 . nullbytehosting.com just fine.
www. or just plain old nullbytehosting.com and its a no go.
allow me to show you my files.
/etc/resolv.conf
Code:
search nullbytehosting.com
nameserver 208.110.67.101
nameserver 208.110.67.114
/var/named/chroot/etc/named.conf
Code:
//
// named.conf for Red Hat caching-nameserver
//
include "/etc/rndc.key";
controls {
inet 127.0.0.1 allow { localhost; } keys { "rndckey"; };
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
recursion no;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
query-source address * port 53;
multiple-cnames yes;
fetch-glue yes;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "/var/named/named.ca";
};
zone "localdomain" IN {
type master;
file "/var/named/localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "/var/named/localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "/var/named/named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "/var/named/named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "/var/named/named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "/var/named/named.zero";
allow-update { none; };
};
zone "nsa.nullbytehosting.com" {
type master;
file "/var/named/nsa.nullbytehosting.com.db";
};
zone "nullbytehosting.com" {
type master;
file "/var/named/nullbytehosting.com.db";
};
zone "enigmagroup.org" {
type master;
file "/var/named/enigmagroup.org.db";
};
zone "2020code.com" {
type master;
file "/var/named/2020code.com.db";
};
zone "megansblog.info" {
type master;
file "/var/named/megansblog.info.db";
};
logging {
};
view test {
};
/var/named/nsa.nullbytehosting.com.db
Code:
$TTL 14400
@ 86400 IN SOA ns1.nullbytehosting.com. nullbytehosting.gmail.com. (
2007031502
86400
7200
3600000
86400
)
ns1.nullbytehosting.com. 14400 IN A 208.110.67.101
ns2.nullbytehosting.com. 14400 IN A 208.110.67.114
mail.nullbytehosting.com. 14400 IN A 208.110.67.101
nsa.nullbytehosting.com. 14400 IN A 208.110.67.101
ftp.nullbytehosting.com. 14400 IN A 208.110.67.101
www.nullbytehosting.com. 14400 IN CNAME nullbytehosting.com.
test.nullbytehosting.com. 14400 IN CNAME nullbytehosting.com.
nsa.nullbytehosting.com. 14400 IN MX 0 mail.nullbytehosting.com.
nsa.nullbytehosting.com. 14400 IN NS ns1.nullbytehosting.com.
nsa.nullbytehosting.com. 14400 IN NS ns2.nullbytehosting.com.
nsa.nullbytehosting.com. 14400 IN A 208.110.67.101
/var/named/nullbytehosting.com.db
Code:
$TTL 14400 nullbytehosting.com 14440 IN SOA ns1.nullbytehosting.com. psychomarine.gmail.com. (
2007031601
86400
7200
3600000
86400
)
ns1 14400 IN A 208.110.67.101
ns2 14400 IN A 208.110.67.114
mail 14400 IN A 208.110.67.101
ftp 14400 IN A 208.110.67.101
www 14400 IN CNAME nullbytehosting.com.
nullbytehosting.com. 14400 IN MX 0 mail.nullbytehosting.com.
nullbytehosting.com. 14400 IN NS ns1.nullbytehosting.com.
nullbytehosting.com. 14400 IN NS ns2.nullbytehosting.com.
nullbytehosting.com. 14400 IN A 208.110.67.101
/var/named/named.local
Code:
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
/var/named/named.zero
Code:
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
/var/named/localdomain.zone
Code:
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
5M ; refresh
5M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
/var/named/named.broadcast
Code:
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
and finally, here is a list of the files in the /var/named directory.
Code:
/slaves
/chroot
/data
named.broadcast
named.zero
localdomain.zone
named.ca
localhost.zone
named.ip6.local
named.local
nsa.nullbytehosting.com.db
nullbytehosting.com.db
can someone please inform me of why this isnt allowing me to see nullbytehosting.com www.nullbytehosting.com or any sites I point to ns1.nullbytehosting.com or ns2.nullbytehosting.com
clearly accessing
ns1.nullbytehosting.com
ns2.nullbytehosting.com
shows the default page I intend to see, however
nullbytehosting.com
www.nullbytehosting.com
or anyhting like that doesnt exist.
A lookup on the dns tools website, shows alot of errors , that google isnt much help with. everyone has their own way, and none seem to put it all together and work properly.
View 5 Replies
View Related
Oct 22, 2006
how i up the backup complete on my reseller?
View 6 Replies
View Related
Apr 9, 2009
They make me wait no more than 15 minutes for support responses and I have experienced no downtime whilst being with them. Why does everything have to be so good?
Now, being serious about it:
I ordered my VPS with them two months ago because I wanted to cut down on the amount of servers that I leased. The deployment was completed within about 8 hours, had to wait for good old Otto to be deployed onto the world wide web.
I submitted some issues regarding a bit of drag in the network, slow response times etc and they responded promptly explaining the current packet loss issues with Limestone and all seemed to be resolved within an hour or so.
The ONLY issue I had is that their WHMCS, which might I say is nicely designed right now, forgot to invoice me! Other than that, superb experience all round!
Support: 9/10
Network: 10/10
Customer Service: 11/10
Billing: 9.5/10
View 7 Replies
View Related
Sep 27, 2008
I ordered a vps from servercomplete 2 months ago and it is great..Top Speed, Awesome Network and Great Customer Support ..Just ordered another vps from ServerComplete.The VPS performance has been excellent.Server loads are always low.It’s always responsive and has had excellent uptime.
Communication: 10/10
Support: 10/10
Server performance: 10/10
Uptime: 10/10
-
Overall Rating 10/10.
I'm very impressed with the service I've received. The owner Daniel is a great guy who always seems to be improving things for us somewhere and is amazingly down-to-earth.My order was flagged by maxmind.He approved my order manually.I hope this post will help for all of you guys who are planning to change your vps providers or buy new vps.I highly recommend them.
View 5 Replies
View Related
Jul 20, 2007
I am wondering is there any software could offer auto complete feature for linux command? most linux need enter lots of parameters, if there is such a tool, that could be cool & great.
View 6 Replies
View Related
Jun 22, 2007
how often does a colo provider's datacenter go down? I'm not talking about resellers or their racks, but the primary provider itself.
This has been the 2nd time (this year I believe) that my datacenter at NAC has suffered a complete power outage [url], their backups failed, and my entire rack of servers were power-cycled.
Luckily I am not a web host but I am running some critical public web services/sites. I have all of the equipment to manage my own colocated machines from afar (monitoring, remote reboot hardware, and KVM/IP hardware for all of my machines) but I'm dead in the water if my datacenter's power is out.
I always ease my pain throughout a network outage or power outage by visiting DSLReports. Their HUGE website is hosted in the same datacenter (probably in the same room) as me and while it is a terrible thing to say, being able to share the downtime with a bigger fish is easier for me to handle.
View 14 Replies
View Related
Nov 2, 2014
if I load a webpage from my server, the browser keeps still loading this page and doesn't finish loading. First if I refresh the page, I get the full page content. Sometimes there is html-data missing, sometimes I get only a part of an image. I tried different browsers and different computers, everywhere the same problem.
View 2 Replies
View Related
Aug 27, 2014
seems the centos 7 support is not yet fully full.
Error: ifmng failed: sh: /sbin/ifconfig: No such file or directory /sbin/ifconfig 'eth0:1' '1.2.3.4' netmask '255.255.255.0' up exited with non-zero status 127
In Plesk 12.0.18 Update #14 when adding an IP with the Plesk Webinterface.
View 7 Replies
View Related
Oct 5, 2009
I want to purchase a dedicated server onwhich I can set up XEN and make few virtual machines.
how to manage backups - get a sepeare machine and configure it as a NAS, use R1Soft backups etc.
View 5 Replies
View Related
Apr 14, 2008
I recently signed up for a VPS server with 512 MB of RAM. I will be hosting two sites on this VPS server. One is not online yet and I just have a Coming soon page up. The other is a Wordpress blog that is running. I don't have any users yet. But my VPS server is currently using ~410 or my 512 MB. This is with essentially nothing running yet. Does anyone else run their websites with only 512 MB or do I need to upgrade to at least 1 GB? I also checked out which processes are taking up the most
(% wise):
5.6 1 /usr/bin/spamd
5.4 2 spamd
3.8 1 /usr/bin/python
3.4 1 /usr/sbin/mysqld
1.7 1 /usr/local/apache/bin/httpd
1.7 1 cpsrvd
1.7 1 cpdavd
1.6 1 /usr/sbin/restorecond
I know I can't disable apache but what about the others? Spam Assasin is disabled in the WHM but the process restarts even after I kill it. Is Python necessary? I am using php apps..
View 12 Replies
View Related
Nov 13, 2007
after compiling rtg, I run this
/usr/local/rtg/bin/rtgpoll -v -t targets.cfg
and see the data is collected already. However, I cannot keep ssh window all the times. So, how to run rtg automatically as daemon?
View 3 Replies
View Related
Jul 20, 2007
let alone with mysql. Have tried to install those both and have tried endless variations of php settings adn moving php.ini around and checked PATH in IIS adn teh extension .php is enabled.
Question:
Should php.ini be copied to Windows or Windows/system32 directory?
I have a test.php file in my virtual directory. I did have it working at one time but then I installed the extensions so I could have teh mysql extension and it hasn't worked since.
I am just a newbie trying to create a testing environment so I can teach myself PHP. I have endless books, have tried the Yanks method but I am not sure it applies to PHP5.
I have PHP at c:/program files/php/ is this a problem? Shoud it just be directly in the c directory? Does that matter?
View 0 Replies
View Related
Jun 17, 2007
I installed csf as my server's firewall with using cpanel besides, I've customized configuration file and everything seems to be right but when i use csf -s it results this error :
iptables: No chain/target/match by that name
LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `LOGDROPIN'
Flushing chain `LOGDROPOUT'
Flushing chain `acctboth'
Deleting chain `LOGDROPIN'
Deleting chain `LOGDROPOUT'
Deleting chain `acctboth'
Error: iptables command [/sbin/iptables -v -A LOGDROPIN -p tcp -m limit --limit 30/m --limit-burst 5 -j LOG --log-prefix 'Firewall: *TCP_IN Blocked* '] failed, at line 196
View 14 Replies
View Related
Apr 27, 2007
i'm thinking of installing virtualization software on a linux vps machine.
reason... windows vps vost so much and linux are much cheaper.
so within my cheap linux vps, i can install virtual windows using my pre-purchased win2000 license key.
has anyone tried this or is it completely not possible. also what linux-host virtualization software would you recommend?
note my linux vps already has kde with vnc running so i have a graphical interface to my linux vps at home.
View 14 Replies
View Related
Aug 13, 2007
I'm aware of the limitations of using Sun's JVM on a VPS. Are there any good JVMs I can run besides Sun's?
View 14 Replies
View Related
Jan 19, 2008
I have a question that's been bugging me for a few months now (which has gotten worse as traffic increases). I run a site that gets some decent traffic (about 9-10M pageviews per month), and is mostly made up of HTML pages with a lot of images (some pages have about 200k of images, others have maybe 1.5-2MB of them). I have a dedicated server that has 2TB of bandwidth per month, and I'm quickly approaching the 2TB point... what should I do?
Normally, I'd buy more bandwidth... but the host I have charges $400/month for 10mbps unmetered bandwidth -- more than the cost of the server each month! What other options do I have?
View 12 Replies
View Related
Apr 30, 2009
I'm looking into purchasing a VPS, and I saw unmanaged are cheaper.
What would I need to know/learn to do maintain an unmanaged VPS?
View 14 Replies
View Related
Apr 15, 2009
I'm trying to run sshfs on my VPS but it seems to require the fuse module compiled on kernel. I already asked my host but they said that they won't change the kernel.
Is there an alternative to sshfs? I really need something to mount an external server.
View 4 Replies
View Related
Jan 5, 2009
I've written an application that acts as a game server for a simple game I'm creating. From what my friends tell me you can't run an exe on a webhost. They did however tell me that you can run java apps on a host that gives ssh access.
View 8 Replies
View Related
Jul 22, 2007
If I restart VPS (vzctl stop 1002 | vzctl start 1002 ) I can't join from ssh - not working, but remaining services start correctly: ftp, cpanel, etc.
View 9 Replies
View Related
