Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issues (not surprising) with mod_security_dev packages

    Scheduled Pinned Locked Moved Cache/Proxy
    1 Posts 1 Posters 616 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      phs
      last edited by

      Hi folks,

      Thanks to all who work hard to make pfSense the great product that it is!

      Using:

      2.2.4-RELEASE (amd64)
      built on Sat Jul 25 19:57:37 CDT 2015
      FreeBSD 10.1-RELEASE-p15

      Just wanted to warn folks about the "Apache with mod_security-dev" and "Proxy Server with mod_security" packages.  I have confirmed that they are, indeed ALPHA status.

      I had been hoping to set up a way to monitor and log HTTP(S) traffic to and from some web servers (at a single IP address) on our LAN.  After lots of searching, I'm not really sure how to fully use these packages, as I wasn't able to find much helpful documentation, but thought I'd give them a try.  Also, I'm not sure at all which package of the two to select, in order to just monitor and record web server traffic.

      Anyway, after being unsuccessful getting either to function properly, I have run out of time, but just wanted to point out the following, in case it helps anyone:

      It seems "Apache with mod_security-dev", at least, has issues with the Apache httpd.conf file.  There seem to be numerous  errors in this file, which I don't have time to fix, unfortunately.  It seems Apache uses this file:

      /usr/pbi/proxy_mod_security-amd64/local/etc/apache24/httpd.conf

      even though Apache spits out errors similar to this when attempting to "onestart" it from a CLI:

      Performing sanity check on apache24 configuration:
      AH00526: Syntax error on line 591 of /usr/local/etc/apache24/httpd.conf:
      ModSecurity: No action id present within the rule
      Starting apache24.
      AH00526: Syntax error on line 591 of /usr/local/etc/apache24/httpd.conf:
      ModSecurity: No action id present within the rule
      /usr/pbi/proxy_mod_security-amd64/local/etc/rc.d/apache24: WARNING: failed to start apache24

      Sorry I don't have more time to investigate, and also if this is posted in the incorrect location.

      Thanks,

      phs

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.