aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarcello Coutinho <marcellocoutinho@gmail.com>2013-11-12 16:34:36 -0200
committerMarcello Coutinho <marcellocoutinho@gmail.com>2013-11-12 16:34:36 -0200
commit04d3a9f630b3acff867560a99025383ddf02da83 (patch)
tree6b0ddf93758b190a1d94c77575b768bf12a51f20
parentb1647de7222feb13f420df55de94abbadeab12a0 (diff)
downloadpfsense-packages-04d3a9f630b3acff867560a99025383ddf02da83.tar.gz
pfsense-packages-04d3a9f630b3acff867560a99025383ddf02da83.tar.bz2
pfsense-packages-04d3a9f630b3acff867560a99025383ddf02da83.zip
apache-modsecurity-dev - bump version fix typos on status page feature
-rw-r--r--config/apache_mod_security-dev/apache.template8
-rw-r--r--config/apache_mod_security-dev/apache_mod_security.inc19
-rw-r--r--config/apache_mod_security-dev/apache_settings.xml26
-rw-r--r--config/apache_mod_security-dev/apache_virtualhost.xml10
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
6 files changed, 29 insertions, 38 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template
index 362e28a4..12a36b69 100644
--- a/config/apache_mod_security-dev/apache.template
+++ b/config/apache_mod_security-dev/apache.template
@@ -197,8 +197,6 @@ DocumentRoot "{$apache_dir}/www/apache22"
Deny from all
</Directory>
-{$mod_status}
-
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
@@ -506,9 +504,13 @@ AcceptFilter https none
# Proxysettings
{$mod_proxy}
+# Mod status
+{$mod_status}
+
+
# Include anything else
Include etc/apache22/Includes/*.conf
EOF;
-?>
+?> \ No newline at end of file
diff --git a/config/apache_mod_security-dev/apache_mod_security.inc b/config/apache_mod_security-dev/apache_mod_security.inc
index 615a7fc4..f21dcbdc 100644
--- a/config/apache_mod_security-dev/apache_mod_security.inc
+++ b/config/apache_mod_security-dev/apache_mod_security.inc
@@ -548,31 +548,18 @@ EOF;
}
// Process Status Page
$mod_status = "";
- if ($setting('statuspage') == "on") {
+ if ($settings['statuspage'] == "on") {
$mod_status .= <<<EOF
<Location /server-status>
SetHandler server-status
Order Deny,Allow
Deny from all
+
EOF;
- $mod_status .= "Allow from ".($settings['netaccessstatus'] ? $settings['netaccessstatus'] : "All")."\n";
+ $mod_status .= "Allow from ".($settings['netaccessstatus'] ? $settings['netaccessstatus'] : "All")."\n";
$mod_status .= "</Location>\n";
}
-//** Uncomment to allow adding ip/ports not used by any site proxies
-//** Otherwise unused addresses/ports will be automatically deleted from the configuration
-// foreach ($configuredaliases as $ams) {
-// $local_ip_port = "{$ams['ipaddress']}:{$ams['ipport']}";
-// if(!in_array($local_ip_port, $processed)) {
-// // explicit bind if not global ip:port
-// if ($local_ip_port != $global_listen) {
-// $aliases .= "Listen $local_ip_port\n";
-// // Automatically add this to configuration
-// $config['installedpackages']['apachesettings']['config'][0]['row'][] = array('ipaddress' => $ams['ipaddress'], 'ipport' => $ams['ipport']);
-// }
-// }
-// }
-
// update configuration with actual ip bindings
write_config($pkg['addedit_string']);
diff --git a/config/apache_mod_security-dev/apache_settings.xml b/config/apache_mod_security-dev/apache_settings.xml
index de350cf1..2f089616 100644
--- a/config/apache_mod_security-dev/apache_settings.xml
+++ b/config/apache_mod_security-dev/apache_settings.xml
@@ -278,23 +278,23 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Status Page</fielddescr>
- <fieldname>statuspage</fieldname>
- <description>
- <![CDATA[Enable a status page for Apache and Mod_proxy. Access http://DefaultBindIP:DefaultBindPort/status-server]]>
- </description>
- <type>select</type>
- <options>
- <option><name>On</name><value>on</value></option>
- <option><name>Off</name><value>off</value></option>
- </options>
- </field>
+ <fielddescr>Status Page</fielddescr>
+ <fieldname>statuspage</fieldname>
+ <description>
+ <![CDATA[Enable a status page for Apache and Mod_proxy. Access http://DefaultBindIP:DefaultBindPort/status-server]]>
+ </description>
+ <type>select</type>
+ <options>
+ <option><name>Disabled (Default)</name><value>off</value></option>
+ <option><name>Enabled</name><value>on</value></option>
+ </options>
+ </field>
<field>
<fielddescr>Network Access Status Page</fielddescr>
<fieldname>netaccessstatus</fieldname>
<description>
- <![CDATA[Network can access a status page. Ex: 172.16.1.0/24<br/>
- NOTE: Leave blank define all networks]]>
+ <![CDATA[Networks that can access apache status page. Ex: 172.16.1.0/24<br/>
+ NOTE: Leave blank to allow access from any ip.(Not recommended for security reasons)]]>
</description>
<type>input</type>
</field>
diff --git a/config/apache_mod_security-dev/apache_virtualhost.xml b/config/apache_mod_security-dev/apache_virtualhost.xml
index 7a3737cd..b3653bdf 100644
--- a/config/apache_mod_security-dev/apache_virtualhost.xml
+++ b/config/apache_mod_security-dev/apache_virtualhost.xml
@@ -303,7 +303,7 @@
<fieldname>sitepath</fieldname>
<description><![CDATA[Site path to publish.<br>leave blank to use /]]></description>
<type>input</type>
- <size>13</size>
+ <size>12</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr><![CDATA[Balancer]]></fielddescr>
@@ -332,7 +332,7 @@
<fieldname>backendpath</fieldname>
<description><![CDATA[Backend redirect path.<br>Leave blank to use /]]></description>
<type>input</type>
- <size>13</size>
+ <size>12</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr><![CDATA[ModSecurity]]></fielddescr>
@@ -359,7 +359,7 @@
<fieldname>options</fieldname>
<description><![CDATA[Additional proxypass options for this path.<br>ex: ttl=60 stickysession='JSESSIONID']]></description>
<type>input</type>
- <size>12</size>
+ <size>11</size>
</rowhelperfield>
</rowhelper>
</field>
@@ -399,9 +399,11 @@
<fieldname>custom</fieldname>
<description>Paste extra apache config for this virtualhost. This is usefull for rewrite rules for example.</description>
<type>textarea</type>
- <cols>65</cols>
+ <cols>90</cols>
<rows>10</rows>
<encoding>base64</encoding>
+ <dontdisplayname/>
+ <usecolspan2/>
</field>
</fields>
<service>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 87af456e..3aaa00ff 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -214,7 +214,7 @@
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
<category>Network Management</category>
- <version>2.2.23 pkg v0.2.3</version>
+ <version>2.2.23 pkg v0.2.4</version>
<status>ALPHA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 090bc71a..ff9a1d09 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -201,7 +201,7 @@
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
<category>Network Management</category>
- <version>2.2.23 pkg v0.2.3</version>
+ <version>2.2.23 pkg v0.2.4</version>
<status>ALPHA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file>