aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/apache_mod_security/apache_mod_security.inc9
-rw-r--r--config/apache_mod_security/apache_mod_security.xml5
-rw-r--r--config/apache_mod_security/apache_mod_security_settings.xml10
-rw-r--r--config/apache_mod_security/rules/snortmodsec-rules.txt2
4 files changed, 25 insertions, 1 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc
index eee5af4c..76aecabe 100644
--- a/config/apache_mod_security/apache_mod_security.inc
+++ b/config/apache_mod_security/apache_mod_security.inc
@@ -179,6 +179,12 @@ function generate_apache_configuration() {
else
$secrequestbodylimit = "10485760";
+ // ErrorDocument
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['errordocument'])
+ $errordocument = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['errordocument'];
+ else
+ $errordocument = "";
+
// SecAuditEngine
if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['secauditengine'])
$secauditengine = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['secauditengine'];
@@ -798,6 +804,9 @@ DefaultType text/plainm
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
+
+{$errordocument}
+
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
diff --git a/config/apache_mod_security/apache_mod_security.xml b/config/apache_mod_security/apache_mod_security.xml
index c4196e7d..23447a89 100644
--- a/config/apache_mod_security/apache_mod_security.xml
+++ b/config/apache_mod_security/apache_mod_security.xml
@@ -72,6 +72,11 @@
<chmod>0644</chmod>
<item>http://www.pfsense.com/packages/config/apache_mod_security/rules/10_asl_rules.conf</item>
</additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/apachemodsecurity/rules/</prefix>
+ <chmod>0644</chmod>
+ <item>http://www.pfsense.com/packages/config/apache_mod_security/rules/snortmodsec-rules.txt</item>
+ </additional_files_needed>
<tabs>
<tab>
<text>Proxy Server Settings</text>
diff --git a/config/apache_mod_security/apache_mod_security_settings.xml b/config/apache_mod_security/apache_mod_security_settings.xml
index 2c2b6c7d..31ffe5fe 100644
--- a/config/apache_mod_security/apache_mod_security_settings.xml
+++ b/config/apache_mod_security/apache_mod_security_settings.xml
@@ -171,13 +171,21 @@
</options>
</field>
<field>
+ <fielddescr>Custom mod_security ErrorDocument</fielddescr>
+ <fieldname>errordocument</fieldname>
+ <description></description>
+ <type>textarea</type>
+ <rows>10</rows>
+ <cols>75</cols>
+ </field>
+ <field>
<fielddescr>Custom mod_security rules</fielddescr>
<fieldname>modsecuritycustom</fieldname>
<description>Paste any custom mod_security rules that you would like to use</description>
<type>textarea</type>
<rows>10</rows>
<cols>75</cols>
- </field>
+ </field>
</fields>
<custom_php_resync_config_command>
apache_mod_security_resync();
diff --git a/config/apache_mod_security/rules/snortmodsec-rules.txt b/config/apache_mod_security/rules/snortmodsec-rules.txt
index 0e46aa1e..43713069 100644
--- a/config/apache_mod_security/rules/snortmodsec-rules.txt
+++ b/config/apache_mod_security/rules/snortmodsec-rules.txt
@@ -1,3 +1,5 @@
+# Downloaded from http://www.modsecurity.org/documentation/snortmodsec-rules.txt
+
# WEB-ATTACKS ps command attempt
SecFilterSelective THE_REQUEST "/bin/ps"