diff options
-rw-r--r-- | templates/vhosts/gitweb/CentOS.erb | 30 | ||||
-rw-r--r-- | templates/vhosts/passenger/CentOS.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/perl/CentOS.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/php/CentOS.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/php_drupal/CentOS.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/php_joomla/CentOS.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/php_mediawiki/CentOS.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/php_simplemachine/CentOS.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/php_wordpress/CentOS.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/static/OpenBSD.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/webdav/CentOS.erb | 4 |
11 files changed, 94 insertions, 24 deletions
diff --git a/templates/vhosts/gitweb/CentOS.erb b/templates/vhosts/gitweb/CentOS.erb index 5861270..8ba680b 100644 --- a/templates/vhosts/gitweb/CentOS.erb +++ b/templates/vhosts/gitweb/CentOS.erb @@ -45,6 +45,21 @@ </Directory> <%- end -%> + + <IfModule mod_security2.c> + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + </IfModule> + <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> @@ -95,6 +110,21 @@ </Directory> <%- end %> + + <IfModule mod_security2.c> + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + </IfModule> + <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> diff --git a/templates/vhosts/passenger/CentOS.erb b/templates/vhosts/passenger/CentOS.erb index 4e515c7..f5f67b5 100644 --- a/templates/vhosts/passenger/CentOS.erb +++ b/templates/vhosts/passenger/CentOS.erb @@ -39,8 +39,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -90,8 +92,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ diff --git a/templates/vhosts/perl/CentOS.erb b/templates/vhosts/perl/CentOS.erb index 5eca429..bf31482 100644 --- a/templates/vhosts/perl/CentOS.erb +++ b/templates/vhosts/perl/CentOS.erb @@ -54,8 +54,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -120,8 +122,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ diff --git a/templates/vhosts/php/CentOS.erb b/templates/vhosts/php/CentOS.erb index f18e8c6..57af260 100644 --- a/templates/vhosts/php/CentOS.erb +++ b/templates/vhosts/php/CentOS.erb @@ -48,8 +48,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -108,8 +110,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ diff --git a/templates/vhosts/php_drupal/CentOS.erb b/templates/vhosts/php_drupal/CentOS.erb index 267f393..b48dbec 100644 --- a/templates/vhosts/php_drupal/CentOS.erb +++ b/templates/vhosts/php_drupal/CentOS.erb @@ -73,13 +73,15 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> @@ -158,13 +160,15 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> diff --git a/templates/vhosts/php_joomla/CentOS.erb b/templates/vhosts/php_joomla/CentOS.erb index bc98cdb..fe91459 100644 --- a/templates/vhosts/php_joomla/CentOS.erb +++ b/templates/vhosts/php_joomla/CentOS.erb @@ -60,6 +60,11 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html # Exceptions for Joomla Root Directory <LocationMatch '^/'> @@ -74,9 +79,6 @@ <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'> SecRuleRemoveById 960010 </LocationMatch> - <%- else -%> - SecRuleEngine DetectionOnly - <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log @@ -136,6 +138,11 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html # Exceptions for Joomla Root Directory <LocationMatch '^/'> @@ -150,9 +157,6 @@ <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'> SecRuleRemoveById 960010 </LocationMatch> - <%- else -%> - SecRuleEngine DetectionOnly - <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log diff --git a/templates/vhosts/php_mediawiki/CentOS.erb b/templates/vhosts/php_mediawiki/CentOS.erb index 9d2b9a2..a268c82 100644 --- a/templates/vhosts/php_mediawiki/CentOS.erb +++ b/templates/vhosts/php_mediawiki/CentOS.erb @@ -49,8 +49,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -110,8 +112,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ diff --git a/templates/vhosts/php_simplemachine/CentOS.erb b/templates/vhosts/php_simplemachine/CentOS.erb index 8ccaaba..e1008d2 100644 --- a/templates/vhosts/php_simplemachine/CentOS.erb +++ b/templates/vhosts/php_simplemachine/CentOS.erb @@ -48,13 +48,15 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> @@ -108,13 +110,15 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> diff --git a/templates/vhosts/php_wordpress/CentOS.erb b/templates/vhosts/php_wordpress/CentOS.erb index f12ab6f..88da307 100644 --- a/templates/vhosts/php_wordpress/CentOS.erb +++ b/templates/vhosts/php_wordpress/CentOS.erb @@ -48,15 +48,17 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html SecRuleRemoveById "960010" - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> @@ -110,15 +112,17 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html SecRuleRemoveById "960010" - <%- else -%> - SecRuleEngine Off - <%- end -%> </IfModule> <%- unless additional_options.to_s == 'absent' then -%> diff --git a/templates/vhosts/static/OpenBSD.erb b/templates/vhosts/static/OpenBSD.erb index be9deb9..da0a6b0 100644 --- a/templates/vhosts/static/OpenBSD.erb +++ b/templates/vhosts/static/OpenBSD.erb @@ -38,8 +38,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -90,8 +92,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ diff --git a/templates/vhosts/webdav/CentOS.erb b/templates/vhosts/webdav/CentOS.erb index 4b2bb0d..bf4f2d2 100644 --- a/templates/vhosts/webdav/CentOS.erb +++ b/templates/vhosts/webdav/CentOS.erb @@ -56,8 +56,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ @@ -127,8 +129,10 @@ <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + SecAuditEngine On <%- else -%> SecRuleEngine Off + SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ |