Difference between revisions of "ASL Lite"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "= Introduction = ASL Lite is a free unsupported lightweight rule updater and basic modsecurity setup project designed specifically as an atomicorp.com mod_security rule downl...")
 
m
Line 7: Line 7:
 
= Installation =
 
= Installation =
  
Just run this command as root:
+
Step 1) Run this command as root:
  
 
   wget -q -O - http://www.atomicorp.com/installer/asl-lite |sh
 
   wget -q -O - http://www.atomicorp.com/installer/asl-lite |sh
  
Then configure ASL Lite for your system
+
Step 2) Configure ASL Lite for your system
  
 
   asl-lite -c
 
   asl-lite -c
  
Then tell asl-lite to update your rules
+
Step 3) Make sure modsecurity is setup correctly
 +
 
 +
Please see the [[Atomic_ModSecurity_Rules]] page for configuration information.  You must setup modsecurity exactly as described on that page, third party modifications to modsecurity are not supported.
 +
 
 +
If you would like to have modsecurity setup for your automatically, please use [[ASL]].
 +
 
 +
Step 4) Update your rules
  
 
   asl-lite -u
 
   asl-lite -u
  
ASL Lite will ultimately replace the "Rules-Only" subscription, however it is optional nowYou do not need it to download the rules, but you are encouraged to use it. It is currently available for Redhat Enterprise Linux, CentOS, Fedora, Ubuntu and other Linux platforms. Other operating systems can be added upon request.
+
== Notes ==
 +
 
 +
On package managed systems, asl-lite will install a modsecurity build from the atomic yum repository upon installation.  asl-lite does not automatically update modsecurity, it will only perform this action upon installation[[ASL]] has the capability of automatically maintaining modsecurity, and will automatically upgrade it when necessary.
 +
 
 +
On non-package managed systems, that is systems that have a source compiled version of modsecurity installed (such an cpanel), asl-lite will download the source for modsecurity form the atomicorp repositories.  It will then check the system to ensure a valid compilation environment exists, and will automatically download the necessary components and libraries to compile modsecurity.
 +
 
  
 
= Uninstalling =
 
= Uninstalling =
Line 70: Line 81:
  
 
ASL-Lite users should see a result similar to the above when only the MODSEC rules will be updated.  [[ASL]] users will be able to update and install all the components (ASL, APPINV, CLAMAV, GEOMAP, MODSEC and OSSEC).
 
ASL-Lite users should see a result similar to the above when only the MODSEC rules will be updated.  [[ASL]] users will be able to update and install all the components (ASL, APPINV, CLAMAV, GEOMAP, MODSEC and OSSEC).
 
== Notes ==
 
 
On package managed systems, asl-lite will install a modsecurity build from the atomic yum repository upon installation.  asl-lite does not automatically update modsecurity, it will only perform this action upon installation.  [[ASL]] has the capability of automatically maintaining modsecurity, and will automatically upgrade it when necessary.
 
 
On non-package managed systems, that is systems that have a source compiled version of modsecurity installed (such an cpanel), asl-lite will download the source for modsecurity form the atomicorp repositories.  It will then check the system to ensure a valid compilation environment exists, and will automatically download the necessary components and libraries to compile modsecurity.
 

Revision as of 13:06, 23 June 2012

Contents

Introduction

ASL Lite is a free unsupported lightweight rule updater and basic modsecurity setup project designed specifically as an atomicorp.com mod_security rule downloader for custom apache environments or non-apache/mixed web server implementations. It will on a standard system maintain modsecurity rules to the current version automatically, and upon installation will attempt to determine if modsecurity is installed on the system, and if so, what version if installed. If modsecurity is not installed, it will attempt to install it, and if the installed version is out of date it will attempt to upgrade it to the latest stable version.

ASL Lite supports a guided dialog similar to the standard asl configuration, that allows for the definition of custom commands for restarting web services, location of configuration files, and use via cron. If you need a supported tool to configure, install and manage modsecurity for you, please use ASL.

Installation

Step 1) Run this command as root:

 wget -q -O - http://www.atomicorp.com/installer/asl-lite |sh

Step 2) Configure ASL Lite for your system

 asl-lite -c

Step 3) Make sure modsecurity is setup correctly

Please see the Atomic_ModSecurity_Rules page for configuration information. You must setup modsecurity exactly as described on that page, third party modifications to modsecurity are not supported.

If you would like to have modsecurity setup for your automatically, please use ASL.

Step 4) Update your rules

 asl-lite -u

Notes

On package managed systems, asl-lite will install a modsecurity build from the atomic yum repository upon installation. asl-lite does not automatically update modsecurity, it will only perform this action upon installation. ASL has the capability of automatically maintaining modsecurity, and will automatically upgrade it when necessary.

On non-package managed systems, that is systems that have a source compiled version of modsecurity installed (such an cpanel), asl-lite will download the source for modsecurity form the atomicorp repositories. It will then check the system to ensure a valid compilation environment exists, and will automatically download the necessary components and libraries to compile modsecurity.


Uninstalling

If your system uses package management, run this command as root:

 yum remove asl-lite

If your system does not use package management, there is no automated uninstall, you will need to manually remove asl-lite. The default location for asl-lite is:

/var/asl/bin/asl-lite

Note: This will not disable the rules, or disable modsecurity. To disable the rules, you will need to remove those Atomicorp rules you manually installed. To disable modsecurity, you will also need to remove your modsecurity configuration if you wish to disable the modsecurity.

Using

Manually updating your rules

To update your rules just run this command as root:

 asl-lite -u

Automatically updating your rules

We recommend you create a cronjob to automatically update the rules. Your system will only need to update the rules every 24 hours, we do not recommend you configure it to update more often than this as modsecurity requires apache to be restarted when new rules.

Please contact your OS vendor for support with cron if you do not know how to use it.

A simple cronjob to add would look like this (change HOUR and MINUTE to times that work for you)

MINUTE HOUR * * * /var/asl/bin/asl-lite -u

Output of asl-lite -u

When asl-lite runs it will check the status of a number of different components of ASL. If you have an ASL license it will download all of these, if you only have an asl-lite license it will only download the mod_security rules. The following is a typical output of the updater:

Checking for updates.. ASL version is current: package asl is not installed [OK] APPINV rule updates are available: 201008021738 [INFO] CLAMAV rule updates are available: 201105101031 [INFO] GEOMAP rule updates are available: 201105100956 [INFO] Updating MODSEC to 201105101326: updated [OK] Stopping httpd: [ OK ] Starting httpd: [ OK ] OSSEC rule updates are available: 201105100943 [INFO]

INFO means that an update is available, but your system does not have a license to download and install it. updated means that an update is available and has been installed on your system.

ASL-Lite users should see a result similar to the above when only the MODSEC rules will be updated. ASL users will be able to update and install all the components (ASL, APPINV, CLAMAV, GEOMAP, MODSEC and OSSEC).

Personal tools