DeveloperSide.NET Forums

DeveloperSide.NET => Web.Developer Server Suite Community Edition,
Public Support Forum => Topic started by: TazDevilLooney on March 30, 2010, 12:23:12 AM



Title: ModSecurity Settings
Post by: TazDevilLooney on March 30, 2010, 12:23:12 AM
Hi,

I'm just about to start hosting my first forum (vBulletin V4 Suite), but before I make it live, would anyone have any recommendations for the security of the site?

From what I have read on these forums, the Web-Developer Suite contains mod_security, but it is not active (logging only).

Would it be a good idea to turn it on, or are there other things I have to look into before I do that?

Because this is MySQL- and PHP-based software, is there anything I can do to minimize any attack?

Any advice would be gratefully received.

Taz


Title: Re: ModSecurity Settings
Post by: admin on March 30, 2010, 12:30:07 AM
The problem w/ mod_sec is that the general ruleset that comes with it will catch a lot of false positives ... and if active, will prevent your site from working for visitors.

To use mod_sec properly you have to start from scratch and enter your own rules, or test the general rules and remove the ones causing false positives.

So you can turn it on, but do go through all your URLs, file uploading, posting, etc. and see what breaks. Then check the error log to see which rules came up and disable them.
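
Added example (not part of the original thread and not the suite's own tooling): a Python sketch of the tuning step in the reply above, tallying which rule ids fired, on which URLs, and from which rule file. It assumes the ModSecurity 2.x Apache error-log layout with `[id "..."]`, `[file "..."]` and `[uri "..."]` tags; the log lines, rule ids, `example_generic.conf` and hostnames are constructed.

```python
import re
from collections import defaultdict

RULES = "C:/www/Apache22/conf/extra/mod_security2/rules/"
# Constructed sample lines; rule ids, messages, clients and URIs are made up.
SAMPLE_LOG = f'''
[Tue Mar 30 01:20:11 2010] [error] [client 192.0.2.10] ModSecurity: Warning. Pattern match "bot" at REQUEST_HEADERS:User-Agent. [file "{RULES}modsecurity_crs_35_bad_robots.conf"] [line "27"] [id "100001"] [msg "Constructed: crawler signature"] [hostname "forum.example"] [uri "/index.php"]
[Tue Mar 30 01:20:15 2010] [error] [client 192.0.2.10] ModSecurity: Warning. Pattern match "bot" at REQUEST_HEADERS:User-Agent. [file "{RULES}modsecurity_crs_35_bad_robots.conf"] [line "27"] [id "100001"] [msg "Constructed: crawler signature"] [hostname "forum.example"] [uri "/showthread.php"]
[Tue Mar 30 01:22:40 2010] [error] [client 192.0.2.55] File does not exist: C:/www/webroot/favicon.ico
[Tue Mar 30 01:25:02 2010] [error] [client 192.0.2.77] ModSecurity: Access denied with code 403 (phase 2). Pattern match "select" at ARGS:message. [file "{RULES}example_generic.conf"] [line "40"] [id "100002"] [msg "Constructed: keyword in post body"] [hostname "forum.example"] [uri "/newreply.php"]
'''

# ModSecurity metadata appears as [name "value"] pairs after the match text.
TAG = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')


def summarize(log_text):
    """Return [(rule_id, stats)] sorted by hit count, most frequent first."""
    rules = defaultdict(
        lambda: {"hits": 0, "blocked": 0, "uris": set(), "file": "", "msg": ""}
    )
    for line in log_text.splitlines():
        if "ModSecurity:" not in line:
            continue  # ordinary Apache error, not a rule hit
        tags = dict(TAG.findall(line))
        rule_id = tags.get("id")
        if rule_id is None:
            continue  # ModSecurity notice without a rule id
        entry = rules[rule_id]
        entry["hits"] += 1
        # "Warning." is logged in DetectionOnly; "Access denied" when blocking.
        entry["blocked"] += int("ModSecurity: Access denied" in line)
        entry["uris"].add(tags.get("uri", "?"))
        entry["file"] = tags.get("file", "").rsplit("/", 1)[-1]
        entry["msg"] = tags.get("msg", "")
    return sorted(rules.items(), key=lambda kv: (-kv[1]["hits"], kv[0]))


if __name__ == "__main__":
    for rule_id, s in summarize(SAMPLE_LOG):
        print(f'{rule_id} {s["file"]} hits={s["hits"]} blocked={s["blocked"]} '
              f'uris={sorted(s["uris"])} msg={s["msg"]}')
```

Rules that fire on ordinary browsing while the engine is still in DetectionOnly are the ones to review before switching it to On.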


Title: Re: ModSecurity Settings
Post by: TazDevilLooney on March 30, 2010, 12:35:04 AM
Thank you for the quick reply.

1. Where would I go to enable this?
2. Will it affect any crawling for Google/Yahoo etc., by me enabling this without changing the rules?

I am also running an HTML site on another domain.

This mod_security is new to me LOL.

I have had a quick look at my error_mass.log and there seems to be a lot of errors logged.


Taz


Title: Re: ModSecurity Settings
Post by: admin on March 30, 2010, 01:12:34 AM
Quote
1. Where would I go to enable this?

C:\www\Apache22\conf\extra\mod_security2\rules\modsecurity_crs_10_config.conf
SecRuleEngine DetectionOnly

To: On

Quote
2. Will it affect any crawling for Google/Yahoo etc., by me enabling this without changing the rules?

Maybe. Depends on what's crawled and what rules are triggered.


Title: Re: ModSecurity Settings
Post by: TazDevilLooney on March 30, 2010, 01:18:14 AM
I'll have a go at that. I guess when this is enabled it reads all the .conf files in that directory, or have you got to tell it what .conf files to include?

Just trying to get a picture of how this all works.



Title: Re: ModSecurity Settings
Post by: TazDevilLooney on March 30, 2010, 08:34:26 AM
Hi,

What if I move this file from the directory, would this work?

modsecurity_crs_35_bad_robots.conf


Title: Re: ModSecurity Settings
Post by: admin on March 30, 2010, 04:19:02 PM
You should edit the file: C:\www\Apache22\conf\extra\suite-global\suite-mod_security2.conf

This file "includes" all the mod_sec rule files into the config.

Comment out the robots file in the above.


Title: Re: ModSecurity Settings
Post by: TazDevilLooney on March 30, 2010, 06:11:54 PM
Thank you, you're a star, that was just what I was after. :)

Cheers, Taz