分类
DirectAdmin OpenLiteSpeed

OpenLiteSpeed安装使用ModSecurity

ModSecurity是一个开源的跨平台Web应用程序防火墙(WAF)引擎,用于Apache,IIS和Nginx等主流的Web服务器。作为WAF产品,ModSecurity专门关注HTTP流量,当发出HTTP请求时,ModSecurity检查请求的所有部分,如果请求是恶意的,它会被阻止和记录。

最近迷上了DirectAdmin+OpenLiteSpeed这个比较小众的组合,这里记录下如何给OpenLiteSpeed启用ModSecurity支持。

cd /usr/local/directadmin/custombuild
./build update
./build set modsecurity yes
./build set modsecurity_ruleset comodo
./build set webserver openlitespeed
./build openlitespeed
./build modsecurity

DirectAdmin里面设置这个组合相当简单,经过测试新版本的DA没有bug,直接即可使用。

上面执行完了会提示

+------------------------------------------------------
| Installation complete!
| You may examine log file
| /tmp/cwaf_install.log.29630
| for errors in case not everything went flawless.
| Also you may examine file
| /usr/local/cwaf/INFO.TXT
| for some useful software information.
+------------------------------------------------------
Defaulting to Comodo WAF SecDefaultAction...
Installation of ModSecurity Rule Set has been finished.

安装完了想测试规则是否生效也很简单,直接在域名后面加上特殊的恶意请求即可。

http://www.mydomain.com/?r=/etc/passwd

页面上返回403错误就行了。

403

Forbidden

Access to this resource on the server is denied!

“OpenLiteSpeed安装使用ModSecurity”上的2条回复

cp: cannot stat ‘/etc/nginx/nginx-modsecurity.conf’: No such file or directory
chown: cannot access ‘/usr/local/cwaf/conf/modsec2_plugin.conf’: No such file or directory
can’t read config /usr/local/cwaf/conf/modsec2_plugin.conf at /usr/local/cwaf/modules/CPAN/lib/Comodo/CWAF/ModSecurity.pm line 75.
Compilation failed in require at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13.
BEGIN failed–compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13.

如何解决

发表评论

电子邮件地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据