Difference between revisions of "Modsecurity rpms"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "= Introduction = aum and ASL will automatically install and manage mod_security to ensure the correct version is installed for the version of rules on the system. mo...")
 

Latest revision as of 12:09, 24 August 2015

Contents

[edit] Introduction

aum and ASL will automatically install and manage mod_security to ensure the correct version is installed for the version of rules on the system. modsecurity rules are version specific. modsecurity has a rule language that changes with new versions, where command syntax changes, new capabilities are added, old capabilities are retired, and new dependencies require changes in the rules, or changes in configuration. In some cases, these changes will mean that a feature no longer works as it did in previous versions at all, or the rule syntax changes may not be understood by older or even newer versions of modsecurity.

Using the correct version of modsecurity with the rules is critical. In some cases, changes way cause modsecurity to fail silently, such as recent changes in file upload stubs, that cause modsecurity 2.9.0 to no longer scan uploads if the system is not using additional configuration changes for 2.9.0.

[edit] Installation

[edit] Rules Only

Install aum, and aum will install and upgrade mod_security for you. Do not use third party builds of mod_security with our rules.

[edit] ASL

ASL will automatically install and upgrade mod_security. Do not install mod_security, or replace it with third party versions.

[edit] Current versions available by platform

[edit] EL 5

2.7.7

It is not possible to build 2.9.0 rpms for EL 5 systems. mod_security uses functions that dont exist in apache 2.2.3.

If you need 2.9.0 for an EL5 system, there are two options:

1) Use ASL as a proxy in front of apache 2.2.3.

2) Professional services. Because the version of apache, 2.2.3, on EL5 is too old to support 2.9.0, systems that wish to use 2.9.0 will need to have apache replaced with a newer version, including its support libraries. Please contact us if you would like a quote.

Note: 2.8.0 has significant bugs, and should not be used with any platform. 2.8.0 is not supported.


[edit] EL 6

2.9.0

[edit] EL 7

2.9.0

Personal tools