Hi Damian,<br><br>Those look good to me, and you might want to add some extra ones just to start.<br><br><span style="font-family: courier new,monospace;"># Log only relevant entries</span> and log it<br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">SecAuditEngine RelevantOnly<br><span style="font-family: courier new,monospace;">SecAuditLog </span>/var/log/httpd/modsec_audit.log</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"># Filter only Dynamic content (to minimize performance impact)</span> should be tested to be sure that it does what is expected<br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">SecFilter DynamicOnly</span><span name="intelliTxt" id="intelliTxt"><pre><code><font size="2"><span style="font-family: courier new,monospace;"></span></font><br></code><span name="intelliTxt" id="intelliTxt"></span><br>
</pre></span><span name="intelliTxt" id="intelliTxt"></span>Just my 2 cents :)<br><br>Paulo<br><br><br><div class="gmail_quote">2008/11/21 Dennis Gilmore <span dir="ltr"><<a href="mailto:dennis@ausil.us">dennis@ausil.us</a>></span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">forwarding to the correct list<br>
<div><div></div><div class="Wj3C7c"><br>
---------- Forwarded Message ----------<br>
<br>
Subject: [Fedora-sysadmin-list] Web Security<br>
Date: Friday 21 November 2008<br>
From: "Damian Myerscough" <<a href="mailto:damian.myerscough@gmail.com">damian.myerscough@gmail.com</a>><br>
To: "Fedora Administration and Infrastructure project" <fedora-sysadmin-<br>
<a href="mailto:list@redhat.com">list@redhat.com</a>><br>
Hello All,<br>
<br>
I have managed to get a bit of free time to create some simple rules<br>
for mod_security<br>
which would be suitable for the web servers which we are currently<br>
running. I have wrote<br>
some generic rules which should be compatible with all the web<br>
servers. However, we could<br>
write rules which are much stricter for the web applications that are<br>
hosted off the web servers.<br>
<br>
Let me know what people think about the rules that I have attached.<br>
<br>
Just a note, the final rule should point to maybe a security notice...<br>
it would currently just redirect users<br>
to <a href="http://fedoraproject.org" target="_blank">fedoraproject.org</a>.<br>
<br>
--<br>
Regards,<br>
Damian Myerscough<br>
<br>
</div></div>-------------------------------------------------------<br>
<br>_______________________________________________<br>
Fedora-infrastructure-list mailing list<br>
<a href="mailto:Fedora-infrastructure-list@redhat.com">Fedora-infrastructure-list@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list</a><br>
<br></blockquote></div><br>