diff options
4 files changed, 25 insertions, 1 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc index eee5af4c..76aecabe 100644 --- a/config/apache_mod_security/apache_mod_security.inc +++ b/config/apache_mod_security/apache_mod_security.inc @@ -179,6 +179,12 @@ function generate_apache_configuration() { else $secrequestbodylimit = "10485760"; + // ErrorDocument + if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['errordocument']) + $errordocument = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['errordocument']; + else + $errordocument = ""; + // SecAuditEngine if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['secauditengine']) $secauditengine = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['secauditengine']; @@ -798,6 +804,9 @@ DefaultType text/plainm # 1) plain text 2) local redirects 3) external redirects # # Some examples: + +{$errordocument} + #ErrorDocument 500 "The server made a boo boo." #ErrorDocument 404 /missing.html #ErrorDocument 404 "/cgi-bin/missing_handler.pl" diff --git a/config/apache_mod_security/apache_mod_security.xml b/config/apache_mod_security/apache_mod_security.xml index c4196e7d..23447a89 100644 --- a/config/apache_mod_security/apache_mod_security.xml +++ b/config/apache_mod_security/apache_mod_security.xml @@ -72,6 +72,11 @@ <chmod>0644</chmod> <item>http://www.pfsense.com/packages/config/apache_mod_security/rules/10_asl_rules.conf</item> </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/apachemodsecurity/rules/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/apache_mod_security/rules/snortmodsec-rules.txt</item> + </additional_files_needed> <tabs> <tab> <text>Proxy Server Settings</text> diff --git a/config/apache_mod_security/apache_mod_security_settings.xml b/config/apache_mod_security/apache_mod_security_settings.xml index 2c2b6c7d..31ffe5fe 100644 --- a/config/apache_mod_security/apache_mod_security_settings.xml +++ b/config/apache_mod_security/apache_mod_security_settings.xml @@ -171,13 +171,21 @@ </options> </field> <field> + <fielddescr>Custom mod_security ErrorDocument</fielddescr> + <fieldname>errordocument</fieldname> + <description></description> + <type>textarea</type> + <rows>10</rows> + <cols>75</cols> + </field> + <field> <fielddescr>Custom mod_security rules</fielddescr> <fieldname>modsecuritycustom</fieldname> <description>Paste any custom mod_security rules that you would like to use</description> <type>textarea</type> <rows>10</rows> <cols>75</cols> - </field> + </field> </fields> <custom_php_resync_config_command> apache_mod_security_resync(); diff --git a/config/apache_mod_security/rules/snortmodsec-rules.txt b/config/apache_mod_security/rules/snortmodsec-rules.txt index 0e46aa1e..43713069 100644 --- a/config/apache_mod_security/rules/snortmodsec-rules.txt +++ b/config/apache_mod_security/rules/snortmodsec-rules.txt @@ -1,3 +1,5 @@ +# Downloaded from http://www.modsecurity.org/documentation/snortmodsec-rules.txt + # WEB-ATTACKS ps command attempt SecFilterSelective THE_REQUEST "/bin/ps" |