On Tue, Sep 24, 2013 at 3:02 PM, Reinhard Kocznar <off...@kocznar.com>wrote:
> Hello,**** > > ** ** > > I use mod_security (OWASP_CRS/2.2.7) on a Windows 2003 Server with Apache > 2.7.4. This works fine, and I want to use SecGeoLookupDb to block some > countries. Unfortunately I do not come clear with the documentation for > this job. Can anybody help?**** > > ** > Hi Reinhard, Have your tried something like the following. The example below defines where the GeoLiteCity database is stored. I chose /opt/modsecurity/var/lib but you could put the db somewhere else on your system. You can download the database from http://www.maxmind.com/. FWIW, the GEOIP2 databases do not work with ModSecurity (yet). Next I created a rule to lookup the remote IP address and deny the connection if the request did not come from a US based IP address. SecGeoLookupDb /opt/modsecurity/lib/GeoLiteCity.dat SecRule REMOTE_ADDR "@geoLookup" "phase:1,chain,id:1,deny,msg:'Non-US IP address'" SecRule GEO:COUNTRY_CODE "!@streq US" -- - Josh ** > > Thank you,**** > > Reinhard Kocznar **** > > Zeus Versicherungsberatung e.U. > Versicherungsmakler und Berater in Versicherungsangelegenheiten **** > > Koernerstrasse 13 Telefon +43 512 393824 > A-6020 Innsbruck Fax +43 512 394617 **** > > http://www.zeus-1.at/ <http://www.kocznar.com/> - > http://www.available-light.org/ **** > > ------------------------------------------------------------------------------------------- > **** > > *Hamster im Laufrad*, Essay, Limbus, Innsbruck ISBN 978-3-902534-92-7**** > > http://books.kocznar.com/**** > > ** ** > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set