whitelist

Customer support forums for the modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the real time modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
optimanet
Forum User
Forum User
Posts: 8
Joined: Fri Sep 05, 2014 4:53 pm
Location: Zurich

whitelist

Unread post by optimanet »

hi,

i am using WAF rules, but not ASL.
to activate whitelist, may i just rename '00_asl_whitelist.conf.disabled' into '00_asl_whitelist.conf' and define the needed IPs in /etc/asl/whitelist - apache2 reload?
or do WAF rule updates overwrite '00_asl_whitelist.conf' back into '00_asl_whitelist.conf.disabled', periodically?

regards,
andi
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: whitelist

Unread post by mikeshinn »

Yes, however what are you using to update and install your rules? We dont distribute any rules with the .disabled extension, nor do we install rules with that extension.
optimanet
Forum User
Forum User
Posts: 8
Joined: Fri Sep 05, 2014 4:53 pm
Location: Zurich

Re: whitelist

Unread post by optimanet »

hi,

i did install your ruleset etc. through plesk 12 gui.
there are several files with .disabled extension:

# ls | grep disabled
00_asl_rbl.conf.disabled
00_asl_whitelist.conf.disabled
05_asl_scanner.conf.disabled
11_asl_data_loss.conf.disabled
15_asl_paranoid_rules.conf.disabled
40_asl_apache2-rules.conf.disabled
70_asl_csrf_experimental.conf.disabled
98_asl_jitp.conf.disabled
99_asl_a_redactor.conf.disabled
99_asl_redactor.conf.disabled
99_asl_redactor_post.conf.disabled
99_asl_scanner.conf.disabled


regards,
andi
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: whitelist

Unread post by mikeshinn »

Ah, so Plesk is doing that. Well, in that case you may have to ask them what the right way is to enable a ruleset, it might just switch it back to .disabled. they are supposed to be using aum to install our rules, and aum doesnt do that, so my guess is they arent using aum.
Post Reply