apachemodsecuritysettings 1.0 pkg_edit.php?xml=apache_mod_security_settings.xml&id=0 Apache /pkg_edit.php?xml=apache_settings.xml&id=0 ModSecurity /pkg_edit.php?xml=apache_mod_security_settings.xml Sync /pkg_edit.php?xml=apache_mod_security_sync.xml Module options /pkg_edit.php?xml=apache_mod_security_settings.xml 2 Rule Groups /pkg.php?xml=apache_mod_security_groups.xml 2 Rule Manipulation /pkg.php?xml=apache_mod_security_manipulation.xml 2 Security options listtopic ModSecurity protection enablemodsecurity More info about ModSecurity can be found here: http://www.modsecurity.org/]]> checkbox Disable Backend Compression secbackendcompression This directive is mandatory in reverse proxy mode to ModSecurity be able to inspect response bodies.]]> select On (Highly recommended)on OffOf Max request per IP SecReadStateLimit More info about this attack can be found here: http://en.wikipedia.org/wiki/Slowloris ]]> input 10 Maximum request body size in memory. secrequestbodyinmemorylimit Configures the maximum request body size ModSecurity will store in memory. input 10 Maximum request body size for buffering. secrequestbodylimit Configures the maximum request body size ModSecurity will accept for buffering. input 10 mod_security crs 10 setup listtopic mod_security crs 10 setup crs10 modsecurity_crs_10_setup.conf file.
Leave empty to load setup defaults.]]> textarea base64 15 90 Custom mod_security ErrorDocument listtopic Custom mod_security ErrorDocument errordocument Custom mod_security ErrorDocument. textarea base64 10 90 Modsecurity addons listtopic Http-guardian.pl enablehttpdguardian NOTE: In order for this script to be effective it must be able to see all requests coming to the web server, so no per-virtual host option for this script.]]> select Disable Enable and block when threshold is reachedblock Enable but just log when threshold is reachedlog Threshold 1min threshold1min input 5 Threshold 5min threshold5min input 5 apache_mod_security_resync(); /usr/local/pkg/apache_mod_security.inc