From Fedora Project Wiki

Revision as of 02:38, 30 May 2010 by Jokajak (talk | contribs)

I'm going to document mod_security setup.

  1. yum install mod_security
  2. mkdir /var/lib/httpd/mod_security
  3. add SecDataDir /var/lib/httpd/mod_security to /etc/httpd/modsecurity.d/modsecurity_localrules.conf

In my test this removed all messages from the error log in apache. I would recommend that we add the following configuration directives to put the logging in their own files in modsecurity_localrules.conf:

SecAuditLog logs/modsec_audit.log

Ok, so I got my proxy fully set up so I can now post through my proxy. I've updated the mod_security configuration to be: 

# Drop your local rules in here.

SecDataDir /var/lib/httpd/mod_security
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log
SecAuditLogParts ABCFHZ
SecAuditLogStorageDir /var/lib/httpd/modsec_logs
SecAuditLogType Concurrent

SecDebugLog /var/lib/httpd/modsec_logs/modsec_debug.log
SecDebugLogLevel 0
Retrieved from "https://fedoraproject.org/w/index.php?title=User:Jokajak&oldid=177015"