hi,
i am using WAF rules, but not ASL.
to activate whitelist, may i just rename '00_asl_whitelist.conf.disabled' into '00_asl_whitelist.conf' and define the needed IPs in /etc/asl/whitelist - apache2 reload?
or do WAF rule updates overwrite '00_asl_whitelist.conf' back into '00_asl_whitelist.conf.disabled', periodically?
regards,
andi
whitelist
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: whitelist
Yes, however what are you using to update and install your rules? We dont distribute any rules with the .disabled extension, nor do we install rules with that extension.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: whitelist
hi,
i did install your ruleset etc. through plesk 12 gui.
there are several files with .disabled extension:
# ls | grep disabled
00_asl_rbl.conf.disabled
00_asl_whitelist.conf.disabled
05_asl_scanner.conf.disabled
11_asl_data_loss.conf.disabled
15_asl_paranoid_rules.conf.disabled
40_asl_apache2-rules.conf.disabled
70_asl_csrf_experimental.conf.disabled
98_asl_jitp.conf.disabled
99_asl_a_redactor.conf.disabled
99_asl_redactor.conf.disabled
99_asl_redactor_post.conf.disabled
99_asl_scanner.conf.disabled
regards,
andi
i did install your ruleset etc. through plesk 12 gui.
there are several files with .disabled extension:
# ls | grep disabled
00_asl_rbl.conf.disabled
00_asl_whitelist.conf.disabled
05_asl_scanner.conf.disabled
11_asl_data_loss.conf.disabled
15_asl_paranoid_rules.conf.disabled
40_asl_apache2-rules.conf.disabled
70_asl_csrf_experimental.conf.disabled
98_asl_jitp.conf.disabled
99_asl_a_redactor.conf.disabled
99_asl_redactor.conf.disabled
99_asl_redactor_post.conf.disabled
99_asl_scanner.conf.disabled
regards,
andi
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: whitelist
Ah, so Plesk is doing that. Well, in that case you may have to ask them what the right way is to enable a ruleset, it might just switch it back to .disabled. they are supposed to be using aum to install our rules, and aum doesnt do that, so my guess is they arent using aum.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone