[tools] update.script

Do you like use update.script ?

  • yes, all time

    Votes: 221 69.1%

  • no, some time

    Votes: 44 13.8%

  • some time

    Votes: 55 17.2%
  • Total voters
    320
hehe thanks :)

I think they didnt notice or somehting about this error, ive wrote on their irc channel without success... lets see if they will solve http problem, but, if not, sourceforge is still active ^^

Regards
 
Roundcube error after mod_security upgrade

Just upgraded mod_security2 from 2.6.0 to 2.6.2 with same config and rules. But now Roundcube shows no mails. As soon as I turn mod_security off all is fine. There are no errors in th error.log. What could be wrong?

Old:

Code: 
[Fri Dec 02 00:42:04 2011] [notice] ModSecurity for Apache/2.6.0 (http://www.modsecurity.org/) configured.
[Fri Dec 02 00:42:04 2011] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.5"
[Fri Dec 02 00:42:04 2011] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.20 2011-10-21"
[Fri Dec 02 00:42:04 2011] [warn] ModSecurity: Loaded PCRE do not match with compiled!
[Fri Dec 02 00:42:04 2011] [notice] ModSecurity: LIBXML compiled version="2.7.6
[Fri Dec 02 00:42:04 2011] [notice] Original server signature: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2

New:

Code: 
[Sat Dec 03 16:30:37 2011] [notice] ModSecurity for Apache/2.6.2 (http://www.modsecurity.org/) configured.
[Sat Dec 03 16:30:37 2011] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.5"
[Sat Dec 03 16:30:37 2011] [notice] ModSecurity: PCRE compiled version="8.20"; loaded version="8.20 2011-10-21"
[Sat Dec 03 16:30:37 2011] [notice] ModSecurity: LIBXML compiled version="2.7.6"
[Sat Dec 03 16:30:37 2011] [notice] Original server signature: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2
 
Downgraded to PCRE 8.12 and reinstalled mod_security but Roundcube still shows no mails and no errors in log to identify the problem. So I downgraded mod_security to 2.6.0 but now httpd did't start. Seems that the file libxml2.so is in /usr/local/lib and not in /usr/lib/. I changed this in httpd-includes.conf and deleted the new mod_security ruleset and uploaded the ones I saved in a backup. Now everyting is normal again. Seems something has been changed in the installation of 2.6.2.
 
Last edited:
Hello,

My server can not connect to sourceforge. Is there any way to change source links to something else?
 
Any help will be greatly appreciated
I can not install mod security using this script because my server is not able to connect to sourceforge servers.
How could I change download link?
Rezaa said:
Hello,

My server can not connect to sourceforge. Is there any way to change source links to something else?
Click to expand...
 
I suppose you could contact all the groups that sponsor all the packages hosted on sourceforge, and tell them they need to move somewhere else because you can't connect to sourceforge.

Another option would be to find out why you can't connect to sourceforge, since it's unlikely that the suggestion in my first sentence would be workable.

Jeff
 
My server can not connect to sourceforge because the country that my server is located on it, is blocked by sourceforge ! and all download requests to sourceforge will be rejected!!
I've downloaded latest modsecurity from sourceforge with my own pc and then uploaded it to my website and then modified update.script file and replaced new download link with old one.
But after running ./update.script I get the following error:
Code: 
update.script core invalid. Aborting,
Download update.script again.

It seems making any changes in that file, will deactivates the file functioning.
Is there a way to change the link without getting above error?
 
You choose:
1. Use either a proxy to forward your request where you want it
2. Use iptables to forward your request where you want it.
3. Make your server to think that sourceforge has a defined by you IP, use /etc/hosts file for example.
4. Use VPN
5. Install ModSecurity by hands
6. If it does not violate License Agreement remove security check from update.script
7. Hire somebody to install ModSecurity for you
 
Thanks zEitEr

I've removed following line from update.script file and error has been fixed
Code: 
else
        echo "update.script core invalid. Aborting,"
        echo "Download update.script again."
        exit
 
Yes Jeff, it's working.
I've replaced new download link with old one and then removed "else" statement and everything worked fine.
 
Problem with mod_security2

After i run these commands:

./update.script MODsecurity2Apache2
./update.script MODsecurity2Apache2Rules
Click to expand...

I've added those line in httpd-includes.conf

# Use This
#LoadFile /usr/lib64/libxml2.so
# If you dont have libxml2.so use
LoadFile /usr/lib64/libxml2.so.2
LoadModule security2_module /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/*.conf
</IfModule>
Click to expand...

And restart httpd, i get this error:

Starting httpd: Syntax error on line 483 of /etc/modsecurity2/base_rules/modsecurity_crs_41_sql_injection_attacks.conf:
Error creating rule: Error compiling pattern (offset 44): POSIX collating elements are not supported
Click to expand...

Please help me :(
Thanks in advance
 
I am having a little problem with suhosin

When i run php -v i get this

Code: 
# php -v
PHP Warning:  PHP Startup: Unable to load dynamic library './/usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so' - .//usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so: cannot open shared object file: No such file or directory in Unknown on line 0
PHP 5.2.17 (cli) (built: Nov 29 2011 12:50:39) 
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
 
Code: 
# cat /usr/local/lib/php.ini | grep suhosin.so
extension="/usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so"
 
You must log in or register to reply here.
Back
Top