Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - winpeace

Pages: [1]
1
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 09:52:47 AM »
Ok.
Can I ask how to update mod security rules for comodo waf?
What I write ssh?

2
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 05:35:43 AM »
:) :) :) Thanks your help. Its solve now.

3
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 05:27:20 AM »
Code: [Select]
LoadFile /usr/lib64/libxml2.so
LoadFile /usr/lib64/liblua-5.1.so

<IfModule !unique_id_module>
  LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>

<IfModule !mod_security2.c>
  LoadModule security2_module  modules/mod_security2.so
</IfModule>

<IfModule mod_security2.c>
  <IfModule mod_ruid2.c>
    SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
    SecAuditLogType Concurrent
  </IfModule>
  <IfModule itk.c>
    SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
    SecAuditLogType Concurrent
  </IfModule>



  SecRuleEngine On
  SecAuditEngine RelevantOnly
  SecAuditLog /usr/local/apache/logs/modsec_audit.log
  SecDebugLog /usr/local/apache/logs/modsec_debug.log
  SecAuditLogType Serial
  SecDebugLogLevel 0
  SecRequestBodyAccess On
  SecDataDir /tmp
  SecTmpDir /tmp
  SecUploadDir /tmp
  SecCollectionTimeout 600
  SecPcreMatchLimit 1250000
  SecPcreMatchLimitRecursion 1250000
  Include "/usr/local/apache/modsecurity-cwaf/cwaf.conf"
</IfModule>

Code: [Select]
[Fri Aug 10 07:21:04.621201 2018] [:notice] [pid 16573:tid 139762516793216] ModS                                                                 ecurity: APR compiled version="1.6.2"; loaded version="1.6.2"
[Fri Aug 10 07:21:04.621209 2018] [:notice] [pid 16573:tid 139762516793216] ModS                                                                 ecurity: PCRE compiled version="8.32 "; loaded version="8.32 2012-11-30"
[Fri Aug 10 07:21:04.621213 2018] [:notice] [pid 16573:tid 139762516793216] ModS                                                                 ecurity: LIBXML compiled version="2.9.1"
[Fri Aug 10 07:21:04.621264 2018] [:notice] [pid 16573:tid 139762516793216] ModS                                                                 ecurity: Original server signature: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
[Fri Aug 10 07:21:04.621269 2018] [:notice] [pid 16573:tid 139762516793216] ModS                                                                 ecurity: Status engine is currently disabled, enable it by set SecStatusEngine t                                                                 o On.
[Fri Aug 10 07:21:05.674123 2018] [ssl:warn] [pid 16593:tid 139762516793216] AH0                                                                 1873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Aug 10 07:21:05.676094 2018] [ssl:warn] [pid 16593:tid 139762516793216] AH0                                                                 1906: host.domain.com:443:0 server certificate is a CA certificate (BasicConst                                                                 raints: CA == TRUE !?)
[Fri Aug 10 07:21:06.185104 2018] [mpm_event:notice] [pid 16593:tid 139762516793                                                                 216] AH00489: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips CentOS WebPanel: Protecte                                                                 d by Mod Security configured -- resuming normal operations
[Fri Aug 10 07:21:06.185222 2018] [core:notice] [pid 16593:tid 139762516793216]                                                                  AH00094: Command line: '/usr/local/apache/bin/httpd'
[Fri Aug 10 07:21:06.328248 2018] [pagespeed:warn] [pid 16599:tid 13976227142630                                                                 4] [mod_pagespeed 1.13.35.2-0 @16599] Cache Flush 1

4
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 05:22:35 AM »
I remove and restart httpd but not change.  :( :( :(
Can you look please

5
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 05:15:11 AM »
Sir thanks but I reinstall vps with snapshot for try but I try your steps not change anything again.Not create.
Are there deficiencies in steps?

6
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 04:57:50 AM »
Oh my god.  Thank you very very much.
How to make ? I want to learn steps.

7
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 04:46:28 AM »
sorry for poor english.
so not solve?

8
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 04:13:28 AM »
Goto you public_html folder and type

rm -rf .htaccess

Then open wordpress admin goto permalink and choose one and save it. See if its working then

Ok I remove .htaccess file. And save permalink on wordpress but htaccess file not create.

9
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 04:08:39 AM »
Code: [Select]
[Fri Aug 10 05:44:15.737587 2018] [:notice] [pid 25212:tid 140007126083456] ModSecurity: APR compiled version="1.6.2"; loaded version="1.6.2"
[Fri Aug 10 05:44:15.737594 2018] [:notice] [pid 25212:tid 140007126083456] ModSecurity: PCRE compiled version="8.32 "; loaded version="8.32 2012-11-30"
[Fri Aug 10 05:44:15.737598 2018] [:notice] [pid 25212:tid 140007126083456] ModSecurity: LIBXML compiled version="2.9.1"
[Fri Aug 10 05:44:15.737602 2018] [:notice] [pid 25212:tid 140007126083456] ModSecurity: Original server signature: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
[Fri Aug 10 05:44:15.737605 2018] [:notice] [pid 25212:tid 140007126083456] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Fri Aug 10 05:44:15.931833 2018] [ssl:warn] [pid 25216:tid 140007126083456] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Aug 10 05:44:15.934193 2018] [ssl:warn] [pid 25216:tid 140007126083456] AH01906: host.domain.com:443:0 server certificate is a CA certificate (BasicConstraint                                                                        s: CA == TRUE !?)
[Fri Aug 10 05:44:15.984095 2018] [mpm_event:notice] [pid 25216:tid 140007126083456] AH00489: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips CentOS WebPanel: Protected by                                                                         Mod Security configured -- resuming normal operations
[Fri Aug 10 05:44:15.984181 2018] [core:notice] [pid 25216:tid 140007126083456] AH00094: Command line: '/usr/local/apache/bin/httpd'

10
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 04:05:04 AM »
not creating settings  in htaccess file. Blank
mod security doesnt allow write htaccess

11
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 03:56:17 AM »
Code: [Select]
LoadFile /usr/lib64/libxml2.so
LoadFile /usr/lib64/liblua-5.1.so

<IfModule !unique_id_module>
  LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>

<IfModule !mod_security2.c>
  LoadModule security2_module  modules/mod_security2.so
</IfModule>

<IfModule mod_security2.c>
  <IfModule mod_ruid2.c>
    SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
    SecAuditLogType Concurrent
  </IfModule>
  <IfModule itk.c>
    SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
    SecAuditLogType Concurrent
  </IfModule>



  SecRuleEngine On
  SecAuditEngine RelevantOnly
  SecAuditLog /usr/local/apache/logs/modsec_audit.log
  SecDebugLog /usr/local/apache/logs/modsec_debug.log
  SecAuditLogType Serial
  SecDebugLogLevel 0
  SecRequestBodyAccess On
  SecDataDir /tmp
  SecTmpDir /tmp
  SecUploadDir /tmp
  SecCollectionTimeout 600
  SecPcreMatchLimit 1250000
  SecPcreMatchLimitRecursion 1250000
  Include "/usr/local/apache/modsecurity-cwaf/cwaf.conf"



For example when modsecurity on one my plugin when save settings on wordpress gives error "Build rewrite rules error" but when close mod security problems gone.

I try add close modsecurity one domain to add vhost but not close;
Code: [Select]
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>


12
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 10, 2018, 03:46:34 AM »
Running below commands will fix your issue

Code: [Select]
sed -i 's|.*SecServerSignature "CentOS WebPanel: Protected by Mod Security".*||g' /usr/local/apache/conf.d/mod_security.conf
service httpd restart

not change our problem diffrent :(

13
Mod_Security / Re: ModSecurity adds index.php in permalinks
« on: August 09, 2018, 09:06:23 PM »
Hello,

Following on this topic, I have an issue with Mod Security and Wordpress. I am using Comodo WAF rules, and everything works great, except the fact that Wordpress is unable to write .htaccess file. I have to add everything manually in .htaccess.

If I disable Mod Security, everything returns to normal.

Any ideas?

cheers!

Same problem here. Anyone help us?

Pages: [1]