S9y and mod_security2 CentOS6

Having trouble installing serendipity?
Post Reply
dachlatt
Posts: 1
Joined: Sun Jul 07, 2013 1:57 pm

S9y and mod_security2 CentOS6

Post by dachlatt »

Few weeks ago, i had to migrate my existing Blog to new iron.
Also i had to switch to the stable CentOS and installed Apache2 with modsecurity2.

As we all figured in the past, Mod_Security and S9Y isn't real fun.
But after poking around i was able to get it working together for my particular environment.

The Webserver i make Use of is the widely used
  • Apache

Code: Select all

rpm -qa |grep http
httpd-tools-2.2.15-28.el6.centos.x86_64
httpd-2.2.15-28.el6.centos.x86_64

The follwing Mod_Security Packages are in use
  • Mod Security

Code: Select all

# rpm -qa |grep mod_sec
mod_security_crs-2.2.6-3.el6.noarch
mod_security-2.7.3-2.el6.x86_64
Please be aware.... there are additional Rules in a separate Package

Code: Select all

yum search  mod_sec

Code: Select all

mod_security.x86_64 : Security module for the Apache HTTP Server
mod_security_crs.noarch : ModSecurity Rules
THe Package mod_security_crs-extras.noarch : Supplementary mod_security rules isn't installed and i havent tested those Rules.

What i figured that was that the following Rules have to be deactivated to work with S9Y.
You may apply those Rules to your Apache Vhost Config.

Code: Select all

#S9Y RUles
SecRuleRemoveByID 981173
SecRuleRemoveByID 960024
SecRuleRemoveByID 981231
SecRuleRemoveByID 981317
SecRuleRemoveByID 981257
SecRuleRemoveByID 973300
SecRuleRemoveByID 981243
SecRuleRemoveByID 973332
SecRuleRemoveByID 973333
SecRuleRemoveByID 973335
SecRuleRemoveByID 950005
SecRuleRemoveByID 981205
SecRuleRemoveByID 970901
SecRuleRemoveByID  950109
SecRuleRemoveByID 981318
SecRuleRemoveByID 950901
#Imageselector S9yi
SecRuleRemoveByID 950006
SecRuleRemoveByID 981245
SecRuleRemoveByID 958407
SecRuleRemoveByID 973303
SecRuleRemoveByID 973304
SecRuleRemoveByID 973305
#Editor Options
SecRuleRemoveByID 981242
SecRuleRemoveByID 973306
SecRuleRemoveByID 973316
#Youtube Plugin Links!
SecRuleRemoveByID 960015
SecRuleRemoveByID 958057
SecRuleRemoveByID 958056
SecRuleRemoveByID 973301
SecRuleRemoveByID 973302
SecRuleRemoveByID 973317
SecRuleRemoveByID 973324
SecRuleRemoveByID 981260
SecRuleRemoveByID 981248
SecRuleRemoveByID 973327
SecRuleRemoveByID 973302
   ErrorLog /var/log/error.log

Possibly i've overseen something but those Rules are working for my Installation.

Code: Select all

php -v
PHP 5.3.3 (cli) (built: Feb 22 2013 02:51:11) 
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Xdebug v2.1.4, Copyright (c) 2002-2012, by Derick Rethans
    with Suhosin v0.9.29, Copyright (c) 2007, by SektionEins GmbH
To get all the necessary informations tracked down, follow the Error logs in your Vhost Config.
Tail -f
and grep are your best friend.

Hopefully thats useful for somebody in the S9Y Community.

Kind regards.


EDIT:

Short Update, i added a few other Rules, if you make Use of the Youtube Plugin
Add those Rules to your Virtual Host Config.

Have fun. :)
Last edited by dachlatt on Thu Aug 01, 2013 4:09 pm, edited 2 times in total.
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: S9y and mod_security2 CentOS6

Post by garvinhicking »

Many thanks for sharing! Even though I currently don't use mod_security2 on my own I'm sure this will be helpful for people.
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Post Reply