Search found 1691 matches
- Mon May 04, 2020 12:41 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Support CentOS 8?
- Replies: 9
- Views: 53424
Re: Support CentOS 8?
We cant speak for Plesk, they may have their own process for installing and configuring modsecurity, but modsecurity rules are not platform dependant. Simply load the rules into modsecurity on whatever platform you are using and theyll work.
- Mon May 04, 2020 12:39 pm
- Forum: Atomicorp Free Modsecurity Rules
- Topic: BUG: ModSecurity kills posting in this forum?!
- Replies: 3
- Views: 24492
Re: BUG: ModSecurity kills posting in this forum?!
Certainly, the supported rules provide a lot more information and support is provided for any issues the same day the issue is reported, updates for false positives for example are provided the same day they are reported, our goal is provide any update within an hour.
- Sat May 02, 2020 4:38 pm
- Forum: Atomicorp Free Modsecurity Rules
- Topic: BUG: ModSecurity kills posting in this forum?!
- Replies: 3
- Views: 24492
Re: BUG: ModSecurity kills posting in this forum?!
It looks like youre using the unsupported free rules, is that correct?
- Sat May 02, 2020 4:37 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Support CentOS 8?
- Replies: 9
- Views: 53424
Re: Support CentOS 8?
The rules are supported on any platform that supports modsecurity, that includes Centos 8.
- Wed Apr 01, 2020 6:22 pm
- Forum: OSSEC
- Topic: ossec-Maild High CPU Utilization
- Replies: 1
- Views: 9425
Re: ossec-Maild High CPU Utilization
Can you put ossec-maild into debug mode and share whats happening when its using an unusually high amount of CPU?
- Wed Mar 11, 2020 5:43 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: error duing asl -s scan
- Replies: 5
- Views: 45744
Re: error duing asl -s scan
That means these options are disabled in ASL/AWP: Advanced Malware Removal Ruleset: off [MODERATE] https://wiki.atomicorp.com/wiki/index.php/ASL_WAF#MODSEC_98_ADV_REDACTOR Just In Time Patches: off [HIGH] https://wiki.atomicorp.com/wiki/index.php/ASL_WAF#MODSEC_99_JITP Basic Malware Removal Ruleset:...
- Tue Mar 10, 2020 11:18 am
- Forum: Atomic Protector (formerly ASL)
- Topic: error duing asl -s scan
- Replies: 5
- Views: 45744
Re: error duing asl -s scan
So this error: 2 9901 ASLCommon::cmd_exec ERROR: '(1) /usr/sbin/apachectl -t 2>&1 >/dev/null -- httpd: Syntax error on line 1 of /etc/httpd/conf/httpd.conf: Syntax error on line 3 of /etc/httpd/conf.d/00_mod_security.conf: Cannot load modules/mod_security2.so into server: /etc/httpd/modules/mod_...
- Mon Mar 02, 2020 5:53 pm
- Forum: Requests
- Topic: ClamAV 0.102.2
- Replies: 2
- Views: 38455
Re: ClamAV 0.102.2
Unfortunately 0.102.x isnt supported on el6/7 it requires a version of the curl api thats not available for those platforms (which is also why epel doesnt have updates to 1.102.x either). clamav has basically abandoned el6/7 with this choice. clamav 1.102.x is going to need to be re-written in those...
- Tue Nov 12, 2019 5:22 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL - Logs
- Replies: 1
- Views: 35562
Re: ASL - Logs
WAF events are logged concurrently to the event data repository with one per event and are stored by default in this location on the system:
/var/asl/data/audit/apache
/var/asl/data/audit/apache
- Wed Sep 25, 2019 3:23 pm
- Forum: OSSEC
- Topic: Long messages being truncated when sent using syslog_output.
- Replies: 10
- Views: 17398
Re: Long messages being truncated when sent using syslog_out
Ah, OK si that sounds like youre just using the open source builds? If so, then you need to grab the latest source code and build from that the binary your using is quite old and it looks like youre using 3.0, whereas the source tree has patches for the upcoming 4.0 release. If youre using the comme...
- Tue Sep 17, 2019 4:35 pm
- Forum: OSSEC
- Topic: Long messages being truncated when sent using syslog_output.
- Replies: 10
- Views: 17398
Re: Long messages being truncated when sent using syslog_out
Thats pretty old, I dont think we've put out a version of AEO using a version of OSSEC that old. Can you send me the version number for AEO with this command:
asl -v
asl -v
- Wed Sep 11, 2019 10:35 am
- Forum: OSSEC
- Topic: Long messages being truncated when sent using syslog_output.
- Replies: 10
- Views: 17398
Re: Long messages being truncated when sent using syslog_out
Sorry if I wasnt clear, the latest version of AEO has no limit. What version of AEO is the hub using?
Just run this command:
asl -v
Just run this command:
asl -v
- Fri Sep 06, 2019 8:41 am
- Forum: OSSEC
- Topic: Local installation version VS Agentless Server installation
- Replies: 1
- Views: 7676
Re: Local installation version VS Agentless Server installat
They basically the same thing. You may want to disable some services that are used just with agents, like remoted but otherwise a standalone instance is an ossec server as opposed to an agent.
- Tue Aug 20, 2019 6:58 pm
- Forum: OSSEC
- Topic: Long messages being truncated when sent using syslog_output.
- Replies: 10
- Views: 17398
Re: Long messages being truncated when sent using syslog_out
Yes the latest version of AEO allows for setting effectively an unlimited limit, just make sure youre using the latest version of AEO.
- Thu Jul 18, 2019 1:29 pm
- Forum: OSSEC
- Topic: How to extract IP from Log
- Replies: 4
- Views: 10025
Re: How to extract IP from Log
What version of OSSEC are you using?