rpms/mod_security/devel mod_security.conf, 1.1, 1.2 mod_security.spec, 1.2, 1.3
Michael G. Fleming (mfleming)
fedora-extras-commits at redhat.com
Sat Jul 9 00:41:25 UTC 2005
Author: mfleming
Update of /cvs/extras/rpms/mod_security/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15461
Modified Files:
mod_security.conf mod_security.spec
Log Message:
- Spec cleanup (from Oliver Falk)
- Updated config with some safe-but-useful rulesets
Index: mod_security.conf
===================================================================
RCS file: /cvs/extras/rpms/mod_security/devel/mod_security.conf,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mod_security.conf 19 May 2005 01:39:17 -0000 1.1
+++ mod_security.conf 9 Jul 2005 00:41:23 -0000 1.2
@@ -1,5 +1,4 @@
# Example configuration file for the mod_security Apache module
-# This is a minimal setup. You should add some extra entries here.
LoadModule security_module modules/mod_security.so
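Review bot: Dropping the "minimal setup" comment leaves the header with no hint that the shipped file is a starting point to be reviewed per site, which matters more now that the same commit adds application-specific rules further down. Rather than deleting the line, consider replacing it with a one-line pointer to where the added rules come from and a reminder that administrators should check which of them apply to the applications they actually host.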
@@ -69,4 +68,40 @@
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$"
- </IfModule>
+ # Some common application-related rules from
+ # http://modsecrules.monkeydev.org/rules.php?safety=safe
+
+ #Nuke Bookmarks XSS
+ SecFilterSelective THE_REQUEST "/modules\.php\?name=Bookmarks\&file=(del_cat\&catname|del_mark\&markname|edit_cat\&catname|edit_cat\&catcomment|marks\&catname|uploadbookmarks\&category)=(<[[:space:]]*script|(http|https|ftp)\:/)"
+
+ #Nuke Bookmarks Marks.php SQL Injection Vulnerability
+ SecFilterSelective THE_REQUEST "modules\.php\?name=Bookmarks\&file=marks\&catname=.*\&category=.*/\*\*/(union|select|delete|insert)"
+
+ #PHPNuke general XSS attempt
+ #/modules.php?name=News&file=article&sid=1&optionbox=
+ SecFilterSelective THE_REQUEST "/modules\.php\?*name=<[[:space:]]*script"
+
+ # PHPNuke SQL injection attempt
+ SecFilterSelective THE_REQUEST "/modules\.php\?*name=Search*instory="
+
+ #phpnuke sql insertion
+ SecFilterSelective THE_REQUEST "/modules\.php*name=Forums.*file=viewtopic*/forum=.*\'/"
+
+ # WEB-PHP phpbb quick-reply.php arbitrary command attempt
+
+ SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
+ SecFilter "phpbb_root_path="
+
+ #Topic Calendar Mod for phpBB Cross-Site Scripting Attack
+ SecFilterSelective THE_REQUEST "/calendar_scheduler\.php\?start=(<[[:space:]]*script|(http|https|ftp)\:/)"
+
+ # phpMyAdmin: Safe
+
+ #phpMyAdmin Export.PHP File Disclosure Vulnerability
+ SecFilterSelective SCRIPT_FILENAME "export\.php$" chain
+ SecFilterSelective ARG_what "\.\."
+
+ #phpMyAdmin path vln
+ SecFilterSelective REQUEST_URI "/css/phpmyadmin\.css\.php\?GLOBALS\[cfg\]\[ThemePath\]=/etc"
+
+</IfModule>
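Review bot: Several of the PHPNuke patterns use a bare `*` as if it were a shell glob, but `SecFilterSelective` takes a regular expression, so `*` only repeats the preceding character. In `"/modules\.php\?*name=Search*instory="` the `h*` means `instory=` must follow `Searc` directly, and in `"/modules\.php*name=Forums.*file=viewtopic*/forum=.*\'/"` the `p*name=` cannot match `modules.php?name=` because of the `?`; as written these two rules will not fire on a real query string. The intended wildcard is `.*`, e.g. `"/modules\.php\?.*name=Search.*instory="`, and the same applies to `\?*name=<[[:space:]]*script`, which currently only matches when `name` is the first parameter. Two smaller points: the new `</IfModule>` is at column 0 while the old one and every rule in the block are indented one space, and the comment `#phpMyAdmin path vln` should read `vuln`.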
Index: mod_security.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_security/devel/mod_security.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- mod_security.spec 19 May 2005 06:42:01 -0000 1.2
+++ mod_security.spec 9 Jul 2005 00:41:23 -0000 1.3
@@ -1,20 +1,20 @@
Summary: Security module for the Apache HTTP Server
Name: mod_security
Version: 1.8.7
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPL
URL: http://www.modsecurity.org/
Group: System Environment/Daemons
-Source: http://www.modsecurity.org/download/modsecurity-1.8.7.tar.gz
+Source: http://www.modsecurity.org/download/modsecurity-%{version}.tar.gz
Source1: mod_security.conf
-BuildRoot: %{_tmppath}/%{name}-root/
-Requires: httpd >= 2.0.38
-BuildRequires: httpd-devel >= 2.0.38
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Requires: httpd
+BuildRequires: httpd-devel
%description
-ModSecurity is an open source intrusion detection and prevention engine for web
-applications. It operates embedded into the web server, acting as a powerful
-umbrella - shielding web applications from attacks.
+ModSecurity is an open source intrusion detection and prevention engine
+for web applications. It operates embedded into the web server, acting
+as a powerful umbrella - shielding web applications from attacks.
%prep
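Review bot: Replacing `Requires: httpd >= 2.0.38` and `BuildRequires: httpd-devel >= 2.0.38` with unversioned dependencies drops the only floor that kept the compiled module from being installed against an older httpd than the one it was built for; since `mod_security.so` is loaded into the server process, a mismatch shows up at runtime rather than at install time. Either keep the minimum version or note in the changelog why it is no longer needed. The `BuildRoot` and `Source: ...-%{version}.tar.gz` changes are fine, and the `%description` reflow is purely cosmetic.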
@@ -40,6 +40,10 @@
%config(noreplace) /etc/httpd/conf.d/mod_security.conf
%changelog
+* Sat Jul 9 2005 Michael Fleming <mfleming+rpm at enlartenment.com> 1.8.7-3
+- Correct Buildroot
+- Some sensible and safe rules for common apps in mod_security.conf
+
* Thu May 19 2005 Michael Fleming <mfleming+rpm at enlartenment.com> 1.8.7-2
- Don't strip the module (so we can get a useful debuginfo package)
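Review bot: The 1.8.7-3 changelog entry lists only the buildroot fix and the new rules, but the same release also removes the `>= 2.0.38` version floors from `Requires`/`BuildRequires` and switches `Source` to `%{version}`; both should be mentioned so anyone tracking the dependency change can find it from the changelog.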