Results 1 to 9 of 9

Thread: libModSecurity (ModSecurity 3.0 support)

  1. #1
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    8,070

    libModSecurity (ModSecurity 3.0 support)

    Hello,

    I'd just like to announce that CustomBuild 2.0 rev. 1965 finally supports libModSecurity (ModSecurity 3.0) for nginx (and nginx_apache). Due to high instability and segfaulting, support for ModSecurity 2.x has been dropped completely when webserver=nginx/nginx_apache is set. Comodo WAF (modsecurity_ruleset=comodo) is not compatible with libModSecurity (ModSecurity 3.0) yet, so, we suggest switching to OWASP (or commercial rules providers, like Imunify360) for now, until Comodo makes their ruleset compatible.

    Their connector for Apache is in beta phase now, so, the switch will be made later, unless we get many instability reports as we did get them for Nginx.

    Thank you!
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  2. #2
    Join Date
    May 2007
    Posts
    12
    I just try to build libmodsecurity 3.0. for nginx_apache in both latest versions. I have set
    modsecurity=3.0
    modsecurity_ruleset=OWASP
    in options.conf. However it is fail to start nginx after build libmodsecurity. I also checked in modsecurity.d directory, it always download comodo's rules files but those are zero bytes, not download the OWASP rules.
    Last edited by Wilson; 12-17-2018 at 03:54 AM.

  3. #3
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    8,070
    modsecurity_ruleset=OWASP isn't correct, it should be modsecurity_ruleset=owasp. I'd suggest setting it using "./build set modsecurity_ruleset ..." command Thank you!
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  4. #4
    Join Date
    May 2007
    Posts
    12
    Quote Originally Posted by smtalk View Post
    modsecurity_ruleset=OWASP isn't correct, it should be modsecurity_ruleset=owasp. I'd suggest setting it using "./build set modsecurity_ruleset ..." command Thank you!
    Thanks smtalk.

  5. #5
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    8,070
    Comodo announced it should work now
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  6. #6
    Join Date
    Oct 2015
    Posts
    32
    im using imunify360 but dont see on rule set imunify360 just comodo and OWASP

  7. #7
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    216
    Out of curiosity: how is performance affected when running this on shared hosting (say 200 websites)? What are the experiences with the compatibility with regular CMS'es like Wordpress etc?

  8. #8
    Join Date
    Jan 2013
    Posts
    159
    Quote Originally Posted by DutchTSE View Post
    Out of curiosity: how is performance affected when running this on shared hosting (say 200 websites)? What are the experiences with the compatibility with regular CMS'es like Wordpress etc?

    Never checked the performance. I just installed modsecurity because I think it is a must have.
    Compatibility is a problem though. In the beginning you need to monitor every "block" by modsecurity and evaluate if you will allow it or not. In case you want to allow it, you need to modify the owasp rules.

    I've made some custom rules to for blocking bots.
    Probe my IP

  9. #9
    Join Date
    Jul 2019
    Posts
    82
    Quote Originally Posted by DutchTSE View Post
    Out of curiosity: how is performance affected when running this on shared hosting (say 200 websites)? What are the experiences with the compatibility with regular CMS'es like Wordpress etc?
    I have the same question

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •