From 2d80689ac43fd015f67f528b64ef4be44dc3f057 Mon Sep 17 00:00:00 2001 From: ivanr Date: Fri, 29 Jun 2007 23:23:00 +0000 Subject: [PATCH] Clarified that we are a GPLv2-only project. --- doc/modsecurity2-apache-reference.xml | 38 ++++++++++++++------------- 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml index 42123eac..8b1fb448 100644 --- a/doc/modsecurity2-apache-reference.xml +++ b/doc/modsecurity2-apache-reference.xml @@ -167,12 +167,11 @@ ModSecurity is available under two licenses. Users can choose to use the software under the terms of the GNU General Public License - (http://www.gnu.org/licenses/gpl.html),as - an Open Source / Free Software product. A range of commercial licenses - is also available, together with a range of commercial support - contracts. For more information on commercial licensing please contact - Breach Security. + version 2 (licence text is included with the distribution),as an Open + Source / Free Software product. A range of commercial licenses is also + available, together with a range of commercial support contracts. For + more information on commercial licensing please contact Breach + Security. ModSecurity, mod_security, and ModSecurity Pro are trademarks or @@ -1037,12 +1036,13 @@ SecAuditLogStorageDir logs/audit Development of a state of the art external protection tool will be a focus of subsequent ModSecurity releases. However, a fully functional tool is already available as part of the Apache httpd tools project - (http://www.apachesecurity.net/tools/). The - tool is called httpd-guardian and can be used to defend against Denial - of Service attacks. It uses the blacklist tool (from the same project) - to interact with an iptables-based (Linux) or pf-based (*BSD) firewall, - dynamically blacklisting the offending IP addresses. It can also - interact with SnortSam (http://www.snortsam.net). Assuming + (http://www.apachesecurity.net/tools/). + The tool is called httpd-guardian and can be used to defend against + Denial of Service attacks. It uses the blacklist tool (from the same + project) to interact with an iptables-based (Linux) or pf-based (*BSD) + firewall, dynamically blacklisting the offending IP addresses. It can + also interact with SnortSam (http://www.snortsam.net). Assuming httpd-guardian is already configured (look into the source code for the detailed instructions) you only need to add one line to your Apache configuration to deploy it: @@ -1878,10 +1878,12 @@ SecRule HTTP_Host "!^$" "deny,phase:1"id_: SecRule ARGS:/^id_/ dirty - - In ModSecurity 1.X, the ARGS variable stood - for QUERY_STRING + POST_PAYLOAD, - whereas now it expands to to individual variables. + + + In ModSecurity 1.X, the ARGS variable stood + for QUERY_STRING + POST_PAYLOAD, + whereas now it expands to to individual variables. +
@@ -4030,7 +4032,7 @@ SecRule XML:/soap:Envelope/soap:Body/q1:getInput/id() "123" phase:2,denyPCRE_DOLLAR_ENDONLY flags are set during compilation, meaning a single dot will match any character, including the newlines and a $ - end anchor will not match a trailing newline charater. + end anchor will not match a trailing newline charater.
@@ -4173,4 +4175,4 @@ SecRule XML "@validateSchema /path/to/apache2/conf/xml.xsd - + \ No newline at end of file