07 Sep 2010 
Support Center » Knowledgebase » Mod Security ASL Protection from gotroot.com [Anti Exploits]
 Mod Security ASL Protection from gotroot.com [Anti Exploits]
Article This an basic tutorial to how to setup ASL modsecurity rules
requirement :
  • Apache 2.x
  • modsecurity 2.5
Please be-careful on using the following step for the ASL Configuration.
For more Useful System Administration articles visit the knowledgebase at http://hyperois.com/support 

Step 1)
mkdir /etc/asl
touch /etc/asl/whitelist
cd /usr/local/apache/conf
wget http://hyperois.com/files/asl_modsec_rules.tar.gz
tar -xzvf asl_modsec_rules.tar.gz

Step 2) Edit "modsec2.user.conf" 
cp modsec2.user.conf modsec2.user.conf.backup
vi modsec2.user.conf

Step 3) Copy and Paste the following configuration to it
SecComponentSignature 201002051427
SecDataDir /usr/local/apache/logs/data
SecRequestBodyAccess On
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditEngine RelevantOnly
# SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# SecAuditLogType Concurrent
SecAuditLogParts ABIFHZ
SecDebugLogLevel 0
SecArgumentSeparator "&" 
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial
SecDataDir /var/asl/data/msa


#ASL Rules
Include /usr/local/apache/conf/modsec_rules/*asl*.conf


Article Details
Article ID: 43
Created On: 31 Jul 2010 11:25 PM

 This article was helpful  This article was not helpful

 User Comments Add a Comment
 Back
 Log in [Lost Password] 
E-mail:
Password:
Remember Me:
 
 Search
 Article Options
 Add Comment
 Print Article
 PDF Version
 E-mail Article
 Add to Favorites
Home | Register | Submit a Ticket | Knowledgebase | Troubleshooter | News | Downloads
Language: