asl-lite doesn't download all rules

killerhorse
Forum User
Posts: 10
Joined: Mon Jun 06, 2011 5:53 am
Location: Vienna


Hi,

I have been using the Realtime Modsecurity Rules for some months, and I must say, you did, and are still doing, a great job.
For updating the rules I use asl-lite.
Some days ago, I opened a case because I had one small problem. I was asked if I use the 11_asl_data_loss.conf rules too. I didn't. Now I do, and the problem is solved.
My question is: Is it possible to update this rule file too with asl-lite? asl-lite seems to download/update only some of the modsecurity rule files.

Kind regards,
Christian
mikeshinn
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: asl-lite doesn't download all rules

Thanks for the question. Asl-lite fails safe right now to only download 2.5.13-compatible rules, and not 2.6.x rules, because of the limitations we have in source-built and other non-software-managed environments in detecting what version of mod_security is installed.

We're looking into ways to determine this in asl-lite. ASL already does this, as it can both detect what's installed and upgrade mod_security (as well as manage and configure it, plus allow you to change the rules and view events). So ASL will download rules that require newer versions of mod_security, like the DLP rules, to function, but asl-lite is far more limited because of its intended use (rule downloader).

We could potentially add a way to manually "declare" what version of mod_security you have installed, but we're also looking into whether it's possible for asl-lite to upgrade mod_security when newer rules require it.