Uncategorized

Mod_security-2.1.1 and mod_limitipconn patch procedure

Hello all. The mod_security team quickly isolated my problem and generated a patch for me to address it. To give a summary of the issue, when updating to mod_security-2.1.1 AND using mod_limitipconn-0.22-r1, mod_security blocks are bypassed. Mod_security logs the rule trigger and states that it issued a 403 (or whatever status you set, 500, etc.),…

Mod_security upgrade from 1.8.7 to 2.1.1 — Major issue with mod_limitipconn [UPDATE]

I just received an email from Ivan Ristic this morning! He looked through the source of mod_limitipconn and found that the module is NOT compatible with mod_security-2.x. Ivan Ristic – “I’ve looked briefly at the source code of mod_limitipconn and it would appear that this module is not compatible with ModSecurity in the current version…

Mod_security upgrade from 1.8.7 to 2.1.1 — Major issue with mod_limitipconn

Well, I’m getting really close on the migration from mod_security-1.8.7 to mod_security-2.1.1. I’ve upgraded on a few servers, and overall the migration has been pretty successful. On one server, I came across a really weird issue. It appears that I’m experiencing a mod_security bypass issue. Creating a simple SecRule to catch basic spam for comments,…

Freshclam issues

I’ve been noticing more and more of these messages being sent to me via logcheck on a few servers. It appears that freshclam is having issues updating against its mirrors. May 24 15:17:29 comp freshclam[6353]: Mirror 64.142.100.50 is not synchronized. May 24 15:17:29 comp freshclam[6353]: Giving up on database.clamav.net… May 24 15:17:29 comp freshclam[6353]: Update…

Mod_security :: upgrading from 1.x to 2.x (part 1)

Portage has officially made mod_security (http://www.modsecurity.org) 2.1.1 stable! This is great since the official releases of 2.x have been out for a long, long time. With this jump, there are some issues to contend with. Jumping from 1.x to 2.x releases involves some major configuration modification, but is aided with a conversion matrix document. Basically…

How-to set up and configure policyd-weight for additional spam prevention

As another weapon in my anti-spam arsenal, I wanted to give policyd-weight a shot within my existing postfix setups. Policyd-weight is a great daemon that sits between postfix’s authentication and data delivery phases. After handling SMTP authentication, etc., it will hand over the headers to policyd-weight before the data transmission. This is great, since this…