github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Initial support to load rules from a remote server

Browse Source 
New directive `SecRemoteRules' was added. It allows the user to load a
set of rules from a given HTTP server.
This commit is contained in:
Felipe Zimmerle
2014-10-22 14:23:20 -07:00
parent 899ee0c365
commit 9b836b652a
12 changed files with 902 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
apache2/mod_security2.c
View File

@@ -33,6 +33,8 @@
#include "apr_version.h"
#include "msc_remote_rules.h"
#if defined(WITH_LUA)
#include "msc_lua.h"
#endif
@@ -66,6 +68,8 @@ unsigned long int DSOLOCAL msc_pcre_match_limit = 0;
unsigned long int DSOLOCAL msc_pcre_match_limit_recursion = 0;
msc_remote_rules_server DSOLOCAL *remote_rules_server = NULL;
int DSOLOCAL status_engine_state = STATUS_ENGINE_DISABLED;
int DSOLOCAL conn_limits_filter_state = MODSEC_DISABLED;
@@ -752,6 +756,24 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
"SecStatusEngine to On.");
}
#endif
if (remote_rules_server != NULL)
{
if (remote_rules_server->amount_of_rules == 1)
{
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
"ModSecurity: Loaded %d rule from: '%s'.",
remote_rules_server->amount_of_rules,
remote_rules_server->uri);
}
else
{
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
"ModSecurity: Loaded %d rule from: '%s'.",
remote_rules_server->amount_of_rules,
remote_rules_server->uri);
}
}
}
srand((unsigned int)(time(NULL) * getpid()));