Do you see in the error log that mod_security is started? You load the mod_security module in an ifmodule which checks if the module is loaded i don't think that's possible.
2013/5/7 Vu Huynh <huynhnhatvu1...@gmail.com> > Dear Admin Owasp.org > > My name's Vu I had install ModSecurity on my VPS but when I test it don't > run could you please help me check this > > This is step that I install: > First I dowload modsecurity and install it: > > wget > http://www.modsecurity.org/tarball/2.7.3/modsecurity-apache_2.7.3.tar.gz > tar -xzvf modsecurity-apache_2.7.3.tar.gz > cd modsecurity-apache_2.7.3 > ./configure > make make install > > then I dowload OWASP Mod_Security Core Rule Set from here: > https://codeload.github.com/SpiderLabs/owasp-modsecurity-crs/zip/master > I unzip "owasp-modsecurity-crs-master.zip" > Rename folder "owasp-modsecurity-crs-master" to "modsecurity-crs" > Rename "modsecurity-crs/modsecurity_crs_10_setup.conf.example" to > "modsecurity-crs/modsecurity_crs_10_setup.conf" > Upload folder "modsecurity-crs" to /etc/httpd > > then I load it by copy this: > > <IfModule security2_module> > LoadFile /usr/local/lib/libxml2.so > LoadFile /usr/local/lib/liblua5.1.so > LoadModule security2_module /usr/local/lib/mod_security2.so > Include /etc/httpd/conf/modsecurity.conf > Include /etc/httpd/modsecurity-crs/modsecurity_crs_10_config.conf > Include /etc/httpd/modsecurity-crs/base_rules/*.conf > </IfModule> > > to the end of /etc/httpd/conf/httpd.conf > and restart httpd by command: service httpd restart > > I had installed: > "mod_uniqueid" > "libapr and libapr-util" > "libpcre" > "libxml2" > "liblua v5.1" > > the last I test it by add this: > > <IfModule security2_module> > > # Bat che do loc cua Modsecurity > SecRuleEngine On > # Thiet lap action mac dinh > SecDefaultAction "phase:2,deny,log,status:404" > > # rule thu nghiem block tat ca request co uri chua "hacker" > SecRule REQUEST_URI "hacker" > > </IfModule> > > to the end of /etc/httpd/conf/modsecurity.conf > and restart httpd > I access to http://cuviver.com/hacker.html it load code normal it don't > return to 404 not found > can you help me check the step install is that true? > I use centos 6 64bit with Directadmin Control > I had attached http.config and modsecurity.conf > I'm looking forward to hearing from you soon > > Thanks and Best Regards > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
