Also i had to switch to the stable CentOS and installed Apache2 with modsecurity2.
As we all figured in the past, Mod_Security and S9Y isn't real fun.
But after poking around i was able to get it working together for my particular environment.
The Webserver i make Use of is the widely used
- Apache
Code: Select all
rpm -qa |grep http
httpd-tools-2.2.15-28.el6.centos.x86_64
httpd-2.2.15-28.el6.centos.x86_64
The follwing Mod_Security Packages are in use
- Mod Security
Code: Select all
# rpm -qa |grep mod_sec
mod_security_crs-2.2.6-3.el6.noarch
mod_security-2.7.3-2.el6.x86_64
Code: Select all
yum search mod_sec
Code: Select all
mod_security.x86_64 : Security module for the Apache HTTP Server
mod_security_crs.noarch : ModSecurity Rules
What i figured that was that the following Rules have to be deactivated to work with S9Y.
You may apply those Rules to your Apache Vhost Config.
Code: Select all
#S9Y RUles
SecRuleRemoveByID 981173
SecRuleRemoveByID 960024
SecRuleRemoveByID 981231
SecRuleRemoveByID 981317
SecRuleRemoveByID 981257
SecRuleRemoveByID 973300
SecRuleRemoveByID 981243
SecRuleRemoveByID 973332
SecRuleRemoveByID 973333
SecRuleRemoveByID 973335
SecRuleRemoveByID 950005
SecRuleRemoveByID 981205
SecRuleRemoveByID 970901
SecRuleRemoveByID 950109
SecRuleRemoveByID 981318
SecRuleRemoveByID 950901
#Imageselector S9yi
SecRuleRemoveByID 950006
SecRuleRemoveByID 981245
SecRuleRemoveByID 958407
SecRuleRemoveByID 973303
SecRuleRemoveByID 973304
SecRuleRemoveByID 973305
#Editor Options
SecRuleRemoveByID 981242
SecRuleRemoveByID 973306
SecRuleRemoveByID 973316
#Youtube Plugin Links!
SecRuleRemoveByID 960015
SecRuleRemoveByID 958057
SecRuleRemoveByID 958056
SecRuleRemoveByID 973301
SecRuleRemoveByID 973302
SecRuleRemoveByID 973317
SecRuleRemoveByID 973324
SecRuleRemoveByID 981260
SecRuleRemoveByID 981248
SecRuleRemoveByID 973327
SecRuleRemoveByID 973302
ErrorLog /var/log/error.log
Possibly i've overseen something but those Rules are working for my Installation.
Code: Select all
php -v
PHP 5.3.3 (cli) (built: Feb 22 2013 02:51:11)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Xdebug v2.1.4, Copyright (c) 2002-2012, by Derick Rethans
with Suhosin v0.9.29, Copyright (c) 2007, by SektionEins GmbH
Tail -f
and grep are your best friend.
Hopefully thats useful for somebody in the S9Y Community.
Kind regards.
EDIT:
Short Update, i added a few other Rules, if you make Use of the Youtube Plugin
Add those Rules to your Virtual Host Config.
Have fun.