diff options
| -rw-r--r-- | manifests/vhost/redirect.pp | 1 | ||||
| -rw-r--r-- | manifests/vhost/template.pp | 5 | ||||
| -rw-r--r-- | templates/vhosts/php_typo3/php_typo3.erb | 6 | ||||
| -rw-r--r-- | templates/vhosts/php_wordpress/php_wordpress.erb | 2 |
4 files changed, 13 insertions, 1 deletions
diff --git a/manifests/vhost/redirect.pp b/manifests/vhost/redirect.pp index 7422629..10b78bf 100644 --- a/manifests/vhost/redirect.pp +++ b/manifests/vhost/redirect.pp @@ -27,6 +27,7 @@ define apache::vhost::redirect( domainalias => $domainalias, server_admin => $server_admin, allow_override => $allow_override, + mod_security => false, options => $target_url, ssl_mode => $ssl_mode, } diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index a9e0dbe..324a96a 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -58,7 +58,10 @@ define apache::vhost::template( $ldap_user = 'any' ){ if $mod_security { - include mod_security + case $run_mode { + 'itk': { include mod_security::itk } + default: { include mod_security } + } } $real_path = $path ? { diff --git a/templates/vhosts/php_typo3/php_typo3.erb b/templates/vhosts/php_typo3/php_typo3.erb index 126dbb1..fbdde07 100644 --- a/templates/vhosts/php_typo3/php_typo3.erb +++ b/templates/vhosts/php_typo3/php_typo3.erb @@ -138,6 +138,12 @@ php_admin_value allow_url_fopen On </Directory> + <Location "/typo3"> + <IfModule mod_security2.c> + SecRuleEngine Off + </IfModule> + </Location> + <IfModule mod_security2.c> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On diff --git a/templates/vhosts/php_wordpress/php_wordpress.erb b/templates/vhosts/php_wordpress/php_wordpress.erb index 980fc26..72f4907 100644 --- a/templates/vhosts/php_wordpress/php_wordpress.erb +++ b/templates/vhosts/php_wordpress/php_wordpress.erb @@ -65,6 +65,7 @@ SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html SecRuleRemoveById "960010" + SecRuleRemoveById "950018" </IfModule> <%- unless additional_options.to_s == 'absent' then -%> @@ -135,6 +136,7 @@ SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html SecRuleRemoveById "960010" + SecRuleRemoveById "950018" </IfModule> <%- unless additional_options.to_s == 'absent' then -%> |