/ Register

Want more timely Centmin Mod News Updates?
Become a Member

Beta Branch update prep for ModSecurity v3.0

Discussion in 'Centmin Mod Github Commits' started by eva2000, Aug 5, 2017.

Tags:
Previous Thread Next Thread
Loading...
Page 3 of 3
  1. Feb 18, 2020 #41
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    unless you know how to configure modsecurity and it's gotchas, I'd avoid it. if using Cloudflare Pro and higher paid plans, you already have CF WAF available anyway.
     
  2. Feb 21, 2020 #42
    Rake-GH

    Rake-GH Active Member

    179
    93
    28
    Jul 29, 2019
    USA
    Ratings:
    +144
    Local Time:
    3:05 PM
    default
    default
    I don't use the paid cloudflare. But I did get modsecurity installed, got it setup and got it to trigger with your test rule. Pretty neat. I'm just gonna play with it in DetectionOnly mode for a couple days.

    I also found they have an exclusion profile for Xenforo too: crs_exclusions_xenforo
     
  3. Feb 21, 2020 #43
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    oh didn't know that :cool:
     
  4. Aug 6, 2021 #44
    Pasta

    Pasta New Member

    14
    2
    3
    Aug 3, 2021
    Ratings:
    +6
    Local Time:
    4:05 AM
    Nginx 1.21.x
    MariaDB 10.4
    Is this the correct way to set up logrotate for modsecurity. Does the alias ngxrestart work after postrotate?

    nano /etc/logrotate.d/mod_security

    /var/log/modsec_audit.log {
    daily
    rotate 7
    missingok
    compress
    postrotate
    ngxrestart > /dev/null 2>/dev/null || true
    endscript
    }
     
  5. Aug 6, 2021 #45
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    6:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    You can check if ngxrestart works for that by manually doing a forced debug logrotate via command
    Code (Text):
    logrotate -df /var/log/modsec_audit.log
     
  6. Aug 6, 2021 #46
    Pasta

    Pasta New Member

    14
    2
    3
    Aug 3, 2021
    Ratings:
    +6
    Local Time:
    4:05 AM
    Nginx 1.21.x
    MariaDB 10.4
    Thanks, i had to chmod modsec_audit.log to 0644 to make it work.
     
  7. Aug 20, 2021 #47
    hazehs

    hazehs Member

    34
    1
    8
    Jul 18, 2020
    Ratings:
    +6
    Local Time:
    8:05 PM
    NGINX 1.18
    MariaDB 10.4
Previous Thread Next Thread
Loading...
Page 3 of 3

.