UPWORK/ODESK guru: Tips and Tricks for clients

skype: odesk.by / upwork.link , email: info@odesk.by/upwork.link

Modsecurity: Installation of last version of CRS for Centos 6/7

without comments

Script:

#!/bin/bash

version='SpiderLabs-owasp-modsecurity-crs-327d162'
modsecdir='/etc/httpd/modsecurity.d'
modsecsubdir='/etc/httpd/modsecurity.d/activated_rules'
cd /etc/httpd
ln -s $version crs
cd $modsecdir
ln -s /etc/httpd/crs/modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf
cd $modsecsubdir

ln -s /etc/httpd/crs/base_rules/modsecurity_35_bad_robots.data
ln -s /etc/httpd/crs/base_rules/modsecurity_35_scanners.data
ln -s /etc/httpd/crs/base_rules/modsecurity_40_generic_attacks.data
ln -s /etc/httpd/crs/base_rules/modsecurity_50_outbound.data
ln -s /etc/httpd/crs/base_rules/modsecurity_50_outbound_malware.data
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_20_protocol_violations.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_23_request_limits.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_30_http_policy.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_35_bad_robots.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_40_generic_attacks.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_41_xss_attacks.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_42_tight_security.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_45_trojans.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_47_common_exceptions.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_48_local_exceptions.conf.example
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_49_inbound_blocking.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_50_outbound.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_59_outbound_blocking.conf
ln -s /etc/httpd/crs/base_rules/modsecurity_crs_60_correlation.conf


#ln -s /etc/httpd/crs/optional_rules/modsecurity_42_comment_spam.data
ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_10_ignore_static.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_11_avs_traffic.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_13_xml_enabler.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_16_authentication_tracking.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_16_session_hijacking.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_16_username_tracking.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_25_cc_known.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_42_comment_spam.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_43_csrf_protection.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_46_av_scanning.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_47_skip_outbound_checks.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_49_header_tagging.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_55_application_defects.conf
#ln -s /etc/httpd/crs/optional_rules/modsecurity_crs_55_marketing.conf


#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_joomla.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_lfi.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_phpbb.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_rfi.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_sqli.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_wordpress.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_46_slr_et_xss.data
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_joomla_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_lfi_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_phpbb_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_rfi_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_sqli_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_wordpress_attacks.conf
#ln -s /etc/httpd/crs/slr_rules/modsecurity_crs_46_slr_et_xss_attacks.conf

#ln -s /etc/httpd/crs/experimental_rules

Written by spectre

July 20th, 2015 at 10:50 am

Posted in Apache2