|
1 Patch origin: in-house |
|
2 Patch status: Solaris-specific; not suitable for upstream |
|
3 |
|
4 Customize conf file for Solaris. |
|
5 |
|
6 --- modsecurity-apache_2.7.5/modsecurity-24.conf-recommended 2014-09-18 11:02:07.894164052 +0000 |
|
7 +++ modsecurity-apache_2.7.5/modsecurity-24.conf-recommended 2014-09-18 11:02:55.661565764 +0000 |
|
8 @@ -1,3 +1,7 @@ |
|
9 +LoadModule security2_module libexec/mod_security2.so |
|
10 + |
|
11 +<IfModule mod_security2.c> |
|
12 + |
|
13 # -- Rule engine initialization ---------------------------------------------- |
|
14 |
|
15 # Enable ModSecurity, attaching it to every transaction. Use detection |
|
16 @@ -129,13 +133,13 @@ |
|
17 # This default setting is chosen due to all systems have /tmp available however, |
|
18 # this is less than ideal. It is recommended that you specify a location that's private. |
|
19 # |
|
20 -SecTmpDir /tmp/ |
|
21 +SecTmpDir /var/apache2/2.4/modsec/tmp/ |
|
22 |
|
23 # The location where ModSecurity will keep its persistent data. This default setting |
|
24 # is chosen due to all systems have /tmp available however, it |
|
25 # too should be updated to a place that other users can't access. |
|
26 # |
|
27 -SecDataDir /tmp/ |
|
28 +SecDataDir /var/apache2/2.4/modsec/tmp/ |
|
29 |
|
30 |
|
31 # -- File uploads handling configuration ------------------------------------- |
|
32 @@ -144,7 +148,7 @@ |
|
33 # location must be private to ModSecurity. You don't want other users on |
|
34 # the server to access the files, do you? |
|
35 # |
|
36 -#SecUploadDir /opt/modsecurity/var/upload/ |
|
37 +#SecUploadDir /var/apache2/2.4/modsec/upload/ |
|
38 |
|
39 # By default, only keep the files that were determined to be unusual |
|
40 # in some way (by an external inspection script). For this to work you |
|
41 @@ -164,7 +168,7 @@ |
|
42 # The default debug log configuration is to duplicate the error, warning |
|
43 # and notice messages from the error log. |
|
44 # |
|
45 -#SecDebugLog /opt/modsecurity/var/log/debug.log |
|
46 +#SecDebugLog /var/apache2/2.4/logs/modsec_debug.log |
|
47 #SecDebugLogLevel 3 |
|
48 |
|
49 |
|
50 @@ -184,10 +188,10 @@ |
|
51 # assumes that you will use the audit log only ocassionally. |
|
52 # |
|
53 SecAuditLogType Serial |
|
54 -SecAuditLog /var/log/modsec_audit.log |
|
55 +SecAuditLog /var/apache2/2.4/logs/modsec_audit.log |
|
56 |
|
57 # Specify the path for concurrent audit logging. |
|
58 -#SecAuditLogStorageDir /opt/modsecurity/var/audit/ |
|
59 +#SecAuditLogStorageDir /var/apache2/2.4/modsec/audit/ |
|
60 |
|
61 |
|
62 # -- Miscellaneous ----------------------------------------------------------- |
|
63 @@ -211,3 +221,4 @@ |
|
64 # version, Anonymous unique id for host. |
|
65 SecStatusEngine On |
|
66 |
|
67 +</IfModule> |