In ModSecurity, the OWASP CRS 4.x has plugins (formerly "exclusion packages"). I'm trying to enable them in my custom ModSecurity conf. Since I'm using DirectAdmin, this is the file:
/usr/local/directadmin/custombuild/custom/openlitespeed/conf/httpd-modsecurity.conf
According to the CRS documentation, it's as simple as creating a directory and adding the rule files:
However, I don't know how to accomplish this using my conf file (httpd-modsecurity.conf)
Has anyone installed OWASP CRS plugins in OpenLiteSpeed?
Code:
Include crs/crs-setup.conf
Include crs/plugins/*-config.conf
Include crs/plugins/*-before.conf
Include crs/rules/*.conf
Include crs/plugins/*-after.conf
Code:
# Default recommended configuration
SecRuleEngine On
SecRequestBodyAccess On
SecDefaultAction "phase:2,deny,log,status:406"
SecRequestBodyLimitAction ProcessPartial
SecResponseBodyLimitAction ProcessPartial
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecAuditLogFormat JSON
SecPcreMatchLimit 250000
SecPcreMatchLimitRecursion 250000
SecCollectionTimeout 600
SecDebugLog /var/log/httpd/modsec_debug.log
SecDebugLogLevel 0
SecAuditEngine RelevantOnly
SecAuditLog /var/log/httpd/modsec_audit.log
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecTmpSaveUploadedFiles on
# ModSecurity Core Rules Set and Local configuration
Include /etc/modsecurity.d/*.conf.main
Include /etc/modsecurity.d/*.conf
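An added example, not part of the original post: a small Python check that reads the Include lines of a ModSecurity config and reports where they depart from the CRS load order quoted above (setup, plugin config, plugin before, rules, plugin after). Treating `/etc/modsecurity.d/*.conf.main` as the setup include and `/etc/modsecurity.d/*.conf` as the rules include is an assumption about the posted file, and the function and variable names are made up for this example.

```python
import fnmatch
import posixpath
import re

# Load order taken from the CRS include list quoted in the post.
STAGES = ["setup", "config", "before", "rules", "after"]
PLUGIN_SUFFIXES = {"-config.conf": "config", "-before.conf": "before", "-after.conf": "after"}

def check_include_order(conf_text, setup_glob, rules_glob):
    """Return a list of problems with the CRS plugin include order."""
    seen = []  # (line number, stage, pattern) in file order
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = re.match(r"\s*Include\s+(\S+)", line)  # commented-out lines do not match
        if not m:
            continue
        pattern = m.group(1).strip('"')
        if pattern == setup_glob:
            stage = "setup"
        elif pattern == rules_glob:
            stage = "rules"
        else:
            stage = next((s for suffix, s in PLUGIN_SUFFIXES.items()
                          if pattern.endswith(suffix)), None)
        if stage:
            seen.append((lineno, stage, pattern))

    present = {stage for _, stage, _ in seen}
    problems = [f"missing include for stage '{s}'" for s in STAGES if s not in present]
    highest = -1
    for lineno, stage, pattern in seen:
        rank = STAGES.index(stage)
        if rank < highest:
            problems.append(f"line {lineno}: {stage} include comes after {STAGES[highest]}")
        highest = max(highest, rank)
        # A plugin file kept in the rules directory is matched by the rules
        # glob too, so it would load with the rules in file-name order.
        sample_dir, sample_name = posixpath.split(pattern.replace("*", "x"))
        rules_dir, rules_name = posixpath.split(rules_glob)
        if (stage in PLUGIN_SUFFIXES.values() and sample_dir == rules_dir
                and fnmatch.fnmatch(sample_name, rules_name)):
            problems.append(f"line {lineno}: {pattern} is also matched by {rules_glob}")
    return problems

# Constructed inputs: the include list and the last two Include lines from the post.
CRS_LIST = "\n".join("Include " + p for p in (
    "crs/crs-setup.conf", "crs/plugins/*-config.conf", "crs/plugins/*-before.conf",
    "crs/rules/*.conf", "crs/plugins/*-after.conf"))
POSTED_TAIL = "Include /etc/modsecurity.d/*.conf.main\nInclude /etc/modsecurity.d/*.conf\n"
print(check_include_order(POSTED_TAIL, "/etc/modsecurity.d/*.conf.main", "/etc/modsecurity.d/*.conf"))
```

The second check matters for this layout: plugin files dropped straight into `/etc/modsecurity.d/` would be picked up by the existing `*.conf` glob, so the before/after split only holds if the plugins live in their own directory.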