When I checked the logs, I found that mod_security blocks some files necessary for the site to work. So far, I have disabled it for each domain in the Apache configuration file. I only want to disable certain rules on certain pages. The implementation examples that I read relate to Red Hat and other distributions. I am running CentOS 5 with Apache 2.8 and mod_security 2 (several sites are hosted on the server).
On CentOS, mod_security is loaded and enabled by this line:
Include "/usr/local/apache/conf/modsec2.conf"
The above file calls the modsec2.user.conf file, which is located in the same directory.
Here is what I have done so far:
My server does not have a modsecurity.d directory to create a file like this:
/etc/httpd/modsecurity.d/modsecurity_localrules.conf
So, I created a file with the name:
whitelist.conf
in
/usr/local/apache/conf/
Then I added an include to it:
/etc/httpd/conf/modsec2.conf/
The rules look like this:
<LocationMatch "/wp-admin/post.php">
    SecRuleRemoveById 950006
</LocationMatch>
But the rules do not work. I wonder if whitelist.conf is placed in the right place.
Then I created 2 files:
modsecurity_crs_15_customrules.conf
modsecurity_crs_60_customrules.conf
and put them in:
/home/cpeasyapache/src/modsecurity-apache_2.5.12/rules
The above path is where I found:
modsecurity_crs_10_config.conf
which contains the basic rules, although I did not see it being called by any other file.
The basic rules are in:
/home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/base_rules
It seems my mod_security is installed and configured with minimal functionality. I am thinking of adding this to httpd.conf:
<IfModule security2_module>
    Include /home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/modsecurity_crs_10_config.conf
    Include /home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/base_rules/*.conf
    Include /home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/optional_rules/*.conf
    Include /home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/modsecurity_crs_15_customrules.conf
    Include /home/cpeasyapache/src/modsecurity-apache_2.5.12/rules/modsecurity_crs_60_customrules.conf
</IfModule>
How do you guys do this at your end?
Thank you in advance
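
An added example, not part of the original post and not taken from the ModSecurity project: SecRuleRemoveById only takes effect when it is read after the rule it removes, so the exception file has to be included after the rule files, from a configuration file that Apache actually loads. The layout assumes rule 950006 is defined in a file pulled in by modsec2.user.conf; the anchored regex is also an addition.

```apache
# --- /usr/local/apache/conf/modsec2.conf (the file the post shows Apache loading) ---
# Only the two paths below come from the post; the ordering is the point.

# 1. Rule definitions first (assumption: rule 950006 is loaded via this file).
Include "/usr/local/apache/conf/modsec2.user.conf"

# 2. Exceptions last. A SecRuleRemoveById that is read before the rule
#    has been defined removes nothing.
Include "/usr/local/apache/conf/whitelist.conf"

# --- /usr/local/apache/conf/whitelist.conf ---
<IfModule security2_module>
    # Anchored regex (an addition; assumes WordPress sits at the site root),
    # so only this one script is exempted, and only from this one rule.
    <LocationMatch "^/wp-admin/post\.php$">
        SecRuleRemoveById 950006
    </LocationMatch>
</IfModule>
```

Run `httpd -t` to check the syntax before restarting Apache.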