Diffstat (limited to 'config/apache_mod_security-dev/apache.template')
-rw-r--r--config/apache_mod_security-dev/apache.template74
1 files changed, 9 insertions, 65 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template
index 69ffb9c7..ab981a9e 100644
--- a/config/apache_mod_security-dev/apache.template
+++ b/config/apache_mod_security-dev/apache.template
@@ -4,69 +4,8 @@
if(file_exists( APACHEDIR ."/libexec/apache22/mod_memcache.so"))
$mod_mem_cache = "LoadModule memcache_module libexec/apache22/mod_memcache.so\n";
}
-
-/*
-<IfModule mod_security2.c>
-
-
- # Turn the filtering engine On or Off
- SecFilterEngine On
-
- # XXX Add knobs for these
- SecRuleEngine On
- SecRequestBodyAccess On
- SecResponseBodyAccess On
-
- SecRequestBodyInMemoryLimit {$secrequestbodyinmemorylimit}
- SecRequestBodyLimit {$secrequestbodylimit}
-
- {$mod_security_custom}
-
- SecResponseBodyMimeTypesClear
- SecResponseBodyMimeType (null) text/plain text/html text/css text/xml
-
- # XXX Add knobs for these
- SecUploadDir /var/spool/apache/private
- SecUploadKeepFiles Off
-
- # The audit engine works independently and
- # can be turned On of Off on the per-server or
- # on the per-directory basis
- SecAuditEngine {$secauditengine}
-
- # XXX Add knobs for these
- # Make sure that URL encoding is valid
- SecFilterCheckURLEncoding On
-
- # XXX Add knobs for these
- # Unicode encoding check
- SecFilterCheckUnicodeEncoding On
-
- # XXX Add knobs for these
- # Only allow bytes from this range
- SecFilterForceByteRange 1 255
-
- # Help prevent the effects of a Slowloris-type of attack
- # $secreadstatelimit
-
- # Cookie format checks.
- SecFilterCheckCookieFormat On
-
- # The name of the audit log file
- SecAuditLog logs/audit_log
-
- #http-guardian Anti-dos protection
- {$SecGuardianLog}
-
- # Should mod_security inspect POST payloads
- SecFilterScanPOST On
-
- # Include rules from rules/ directory
- {$mod_security_rules}
-
-</IfModule>
-
-*/
+ if($mods_settings['enablemodsecurity']=="on")
+ $mod_security_module= "LoadModule security2_module libexec/apache22/mod_security2.so\n";
$apache_dir=APACHEDIR;
$apache_config = <<<EOF
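Review bot: `$mod_security_module` is assigned only when `enablemodsecurity` is "on", so for any other value the heredoc's `{$mod_security_module}` (added in the hunk at -188,6) interpolates an undefined variable. Initialise it before the test with `$mod_security_module = "";`. The `mod_memcache` lines just above guard their LoadModule with `file_exists()`; adding `&& file_exists(APACHEDIR . "/libexec/apache22/mod_security2.so")` to the new condition would keep Apache from refusing to start when the option is on but the module file is absent. The new `if` also has no braces, so a later edit could easily fall outside the condition.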
@@ -176,7 +115,7 @@ LoadModule status_module libexec/apache22/mod_status.so
LoadModule autoindex_module libexec/apache22/mod_autoindex.so
LoadModule asis_module libexec/apache22/mod_asis.so
LoadModule info_module libexec/apache22/mod_info.so
-LoadModule cgi_module libexec/apache22/mod_cgi.so
+#LoadModule cgi_module libexec/apache22/mod_cgi.so
LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache22/mod_negotiation.so
LoadModule dir_module libexec/apache22/mod_dir.so
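Review bot: With `mod_cgi` no longer loaded, any `ScriptAlias` or `AddHandler cgi-script` left elsewhere in this template has no handler behind it, and Apache may then serve those script files as plain content instead of running them. The rest of the template is outside this hunk, so check it for such directives and remove or guard them in the same change. A one-line comment above `#LoadModule cgi_module ...` giving the reason CGI is disabled would keep the line from being re-enabled by accident.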
@@ -188,6 +127,7 @@ LoadModule alias_module libexec/apache22/mod_alias.so
LoadModule rewrite_module libexec/apache22/mod_rewrite.so
LoadModule reqtimeout_module libexec/apache22/mod_reqtimeout.so
{$mod_mem_cache}
+{$mod_security_module}
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
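Review bot: Loading `security2_module` here does not by itself enable any filtering, because ModSecurity's `SecRuleEngine` defaults to Off and the only Sec* directives in this template were in the PHP comment block this commit removes. Unless a file pulled in by `Include etc/apache22/Includes/*.conf` supplies the engine settings and rules (not visible in this diff), the option will look enabled while nothing is inspected. ModSecurity 2.x also expects `mod_unique_id` to be loaded; confirm the template's LoadModule list includes it, since that part lies outside the hunk.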
@@ -564,9 +504,13 @@ AcceptFilter https none
# Proxysettings
{$mod_proxy}
+# Mod status
+{$mod_status}
+
+
# Include anything else
Include etc/apache22/Includes/*.conf
EOF;
-?> \ No newline at end of file
+?>
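Review bot: `{$mod_status}` is interpolated into the config but its definition is not part of this diff, while `status_module` is loaded unconditionally earlier in the template. If the variable expands to a `/server-status` handler, that block should carry an access restriction (on Apache 2.2, for example, `Order deny,allow`, `Deny from all`, `Allow from 127.0.0.1`), because the status page exposes client addresses and request URLs. The variable should also be initialised to an empty string on every code path so the heredoc never sees it undefined.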