ModSecurity

Basic config

 # Turn the filtering engine On or Off
 SecFilterEngine On

 # Make sure that URL encoding is valid
 SecFilterCheckURLEncoding On
 
 # Unicode encoding check
 SecFilterCheckUnicodeEncoding On
 
 # Only allow bytes from this range
 SecFilterForceByteRange 0 255
 
 # Only log actionable requests
 SecAuditEngine RelevantOnly
 
 # The name of the audit log file
 SecAuditLog /var/log/apache2/audit_log
 
 # Debug level set to a minimum
 SecFilterDebugLog /var/log/apache2/modsec_debug_log
 SecFilterDebugLevel 2
 
 # Should mod_security inspect POST payloads
 SecFilterScanPOST On
 
 # By default log and deny suspicious requests
 # with HTTP status 500
 SecFilterDefaultAction "deny,log,status:500"
 
 # Add custom secfilter rules here

Changing Apache Server Name To Whatever

/etc/apache2/conf.d/security

..
ServerTokens Full
SecServerSignature "Whateveryouwnat"
apache/modsecurity.txt · Last modified: 2012/10/08 21:54 by a
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready