Page 1 of 1
whitelist
Posted: Fri Sep 12, 2014 10:24 am
by optimanet
hi,
i am using WAF rules, but not ASL.
to activate whitelist, may i just rename '00_asl_whitelist.conf.disabled' into '00_asl_whitelist.conf' and define the needed IPs in /etc/asl/whitelist - apache2 reload?
or do WAF rule updates overwrite '00_asl_whitelist.conf' back into '00_asl_whitelist.conf.disabled', periodically?
regards,
andi
Re: whitelist
Posted: Fri Sep 12, 2014 1:36 pm
by mikeshinn
Yes, however what are you using to update and install your rules? We dont distribute any rules with the .disabled extension, nor do we install rules with that extension.
Re: whitelist
Posted: Fri Sep 12, 2014 3:25 pm
by optimanet
hi,
i did install your ruleset etc. through plesk 12 gui.
there are several files with .disabled extension:
# ls | grep disabled
00_asl_rbl.conf.disabled
00_asl_whitelist.conf.disabled
05_asl_scanner.conf.disabled
11_asl_data_loss.conf.disabled
15_asl_paranoid_rules.conf.disabled
40_asl_apache2-rules.conf.disabled
70_asl_csrf_experimental.conf.disabled
98_asl_jitp.conf.disabled
99_asl_a_redactor.conf.disabled
99_asl_redactor.conf.disabled
99_asl_redactor_post.conf.disabled
99_asl_scanner.conf.disabled
regards,
andi
Re: whitelist
Posted: Fri Sep 12, 2014 4:10 pm
by mikeshinn
Ah, so Plesk is doing that. Well, in that case you may have to ask them what the right way is to enable a ruleset, it might just switch it back to .disabled. they are supposed to be using aum to install our rules, and aum doesnt do that, so my guess is they arent using aum.