Difference between revisions of "Atomic ModSecurity Rules FAQ"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with '1. asl-lite -u says "package asl is not installed". asl-lite is a subset of ASL, so it has the same update code used in ASL. This is expected, in future releases the plan is…')
 
m
Line 1: Line 1:
1. asl-lite -u says "package asl is not installed".
+
== '''Are these the gotroot.com rules?'''==
 +
 
 +
Yes they are, the one and same (and that website is being merged into this website).  We are the oldest and most experienced mod_security rule authors out there.  We were putting out rules long before mod_security was acquired and then acquired again.  More sites use our rules and have been using then longer than everyone else combined.  If you use our rules, you're in good company.
 +
 
 +
== '''asl-lite -u says "package asl is not installed".''' ==
  
 
asl-lite is a subset of [[ASL]], so it has the same update code used in ASL. This is expected, in future releases the plan is to have it check for asl-lite updates.
 
asl-lite is a subset of [[ASL]], so it has the same update code used in ASL. This is expected, in future releases the plan is to have it check for asl-lite updates.
  
2. I used to use your Free rules, with the new rules the dates on some of my rule files appear to have changed  
+
== '''I used to use your Free rules, with the new rules the dates on some of my rule files appear to have changed''' ==
  
 
That is expected. ASL-Lite is a rule updater, and we release updates daily. Sometimes even multiple times a day depending on attack trends.
 
That is expected. ASL-Lite is a rule updater, and we release updates daily. Sometimes even multiple times a day depending on attack trends.
  
3. I'm getting this error "Rule execution error - PCRE limits exceeded (-8): (null)."
+
== '''I'm getting this error "Rule execution error - PCRE limits exceeded (-8): (null)."''' ==
  
 
This is a limitation of your implementation of mod_security, atomic mod_security builds do not produce this either.  You can either download our builds from here:
 
This is a limitation of your implementation of mod_security, atomic mod_security builds do not produce this either.  You can either download our builds from here:
Line 19: Line 23:
 
Your best choice is to use our builds.
 
Your best choice is to use our builds.
  
4. Why should I change my CPanel mod_Security config file?
+
== '''Why should I change my CPanel mod_Security config file?''' ==
  
 
Its incomplete and will not scan all types of attacks.  We are security experts, all we do is think about ways of stopping the bad guys.
 
Its incomplete and will not scan all types of attacks.  We are security experts, all we do is think about ways of stopping the bad guys.
  
5. /usr/bin/modsec-clamscan.pl is not installed on the server.
+
== '''/usr/bin/modsec-clamscan.pl is not installed on the server.''' ==
  
 
Malware scanning is not included in the rules only subscription.  [[ASL]] comes with malware upload scanning for HTTP, SSH, FTP and other protocols, including real time malware protection and much more.  If you want malware upload protection, upgrade to [[ASL]].
 
Malware scanning is not included in the rules only subscription.  [[ASL]] comes with malware upload scanning for HTTP, SSH, FTP and other protocols, including real time malware protection and much more.  If you want malware upload protection, upgrade to [[ASL]].
 +
 +
We also don't include that file or use the methods demonstrated in it because it doesn't scale very well.

Revision as of 17:45, 23 August 2010

Contents

Are these the gotroot.com rules?

Yes they are, the one and same (and that website is being merged into this website). We are the oldest and most experienced mod_security rule authors out there. We were putting out rules long before mod_security was acquired and then acquired again. More sites use our rules and have been using then longer than everyone else combined. If you use our rules, you're in good company.

asl-lite -u says "package asl is not installed".

asl-lite is a subset of ASL, so it has the same update code used in ASL. This is expected, in future releases the plan is to have it check for asl-lite updates.

I used to use your Free rules, with the new rules the dates on some of my rule files appear to have changed

That is expected. ASL-Lite is a rule updater, and we release updates daily. Sometimes even multiple times a day depending on attack trends.

I'm getting this error "Rule execution error - PCRE limits exceeded (-8): (null)."

This is a limitation of your implementation of mod_security, atomic mod_security builds do not produce this either. You can either download our builds from here:

Atomicorp RPM repository

Or you will need to build it like we do with our RPM (http://www4.atomicorp.com/channels/source/mod_security/mod_security.spec see the %build section).

Or check the atomic forums to see what luck other users have had if you choose to use a third parties mod_security build.

Your best choice is to use our builds.

Why should I change my CPanel mod_Security config file?

Its incomplete and will not scan all types of attacks. We are security experts, all we do is think about ways of stopping the bad guys.

/usr/bin/modsec-clamscan.pl is not installed on the server.

Malware scanning is not included in the rules only subscription. ASL comes with malware upload scanning for HTTP, SSH, FTP and other protocols, including real time malware protection and much more. If you want malware upload protection, upgrade to ASL.

We also don't include that file or use the methods demonstrated in it because it doesn't scale very well.

Personal tools