Hi,
i have switched from manual updates to aum and I've noticed that aum deleted 2 rule files and added some other is that normal?
i used for manual update rules from your wiki
Include /full/path/to/your/rules/modsecurity.d/00_asl_0_global.conf
Include /full/path/to/your/rules/modsecurity.d/00_asl_z_antievasion.conf
Include /full/path/to/your/rules/modsecurity.d/00_asl_zz_strict.conf
Include /full/path/to/your/rules/modsecurity.d/09_asl_rules.conf
Include /full/path/to/your/rules/modsecurity.d/10_asl_antimalware.conf
Include /full/path/to/your/rules/modsecurity.d/10_asl_rules.conf
Include /full/path/to/your/rules/modsecurity.d/11_asl_adv_rules.conf
Include /full/path/to/your/rules/modsecurity.d/11_asl_data_loss.conf
Include /full/path/to/your/rules/modsecurity.d/20_asl_useragents.conf
Include /full/path/to/your/rules/modsecurity.d/30_asl_antispam.conf
Include /full/path/to/your/rules/modsecurity.d/50_asl_rootkits.conf
Include /full/path/to/your/rules/modsecurity.d/51_asl_rootkits.conf
Include /full/path/to/your/rules/modsecurity.d/60_asl_recons.conf
Include /full/path/to/your/rules/modsecurity.d/61_asl_recons_dlp.conf
Include /full/path/to/your/rules/modsecurity.d/99_asl_jitp.conf
those two rules were deleted by aum
00_asl_zz_strict.conf
11_asl_data_loss.conf
Regards,
ajsu
switch from manual updates to aum
-
- New Forum User
- Posts: 4
- Joined: Mon Nov 26, 2012 7:07 am
- Location: Poland
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: switch from manual updates to aum
Sure you need to enable them with MODSEC_00_STRICT, and MODSEC_11_DLP in your /etc/asl/config
https://www.atomicorp.com/wiki/index.ph ... figuration
https://www.atomicorp.com/wiki/index.ph ... figuration