And then copy the ASL rules into /etc/httpd/modsecurity.d and finally make sure you have these defined in your modsecurity.conf file:
(If you already have these set, you can leave them alone, they just need to be set for 2.5, here are some examples we use:)
SecDataDir /var/asl/data/msa SecTmpDir /tmp SecAuditLogStorageDir /var/asl/data/audit
What does this mean? Do these phrases need to be in the config file?
where does this go
I'm new at this setup and seems like the instructions assume a deeper knowledge of the procedures. I would appreciate your help.# General settings
USERNAME="USERNAME"
PASSWORD="PASSWORD"
ASLHOME=/var/asl/
UPDATEPATH=www.atomicorp.com/channels/rules/subscription
U_LOG=$ASLHOME/data/updates-data
# Application settings
WGET=/usr/bin/wget
# Apache settings
MODSEC_RULES_DIR=/etc/httpd/modsecurity.d/
MODSEC_CONFIG=$MODSEC_RULES_DIR/modsecurity_crs_10_config.conf
APACHECTL=/usr/sbin/apachectl
APACHE_INIT=/etc/init.d/httpd
RESTART_APACHE=yes # This can be yes, no, or graceful
# Clamav settings
CLAMAV_DIR=/var/clamav
thank you