85 Commits

Author SHA1 Message Date
Felipe Zimmerle
a9a39255b9 Version 2.9.0
Increasing version to 2.9.0.
2015-02-12 10:58:11 -08:00
Felipe Zimmerle
b304ab1aa2 Improves SecRemoteRules messages on IIS
IIS was not displaying correctly the error messages and the amount of
loaded rules while the operator SecRemoteRules was used.
2015-02-12 09:37:32 -08:00
Felipe Zimmerle
f6d6cea015 IIS: Creates IIS_VERSION definition
This definition is currently used in two different circumstances: Report with
accuracy that the server is an IIS  (status call), and also show the amount of
loaded remote rules on the windows logs. Different from Apache which loads the
rules twice, IIS just do it once.
2014-12-11 14:47:59 -08:00
Felipe Zimmerle
6c0cdab35a IIS: Changes Curl version and removes OpenSSL dependency
As the this new Curl version supports well the Windows certificate storage,
removing the dependency on the OpenSSL. Also changing the build scripts to work
accordingly. As the cmake build of Curl is said to broken abandoning it in
favor of the nmake files. Thanks to Gregg Smith and Steffen.
2014-12-11 14:47:59 -08:00
Felipe Zimmerle
23f6f6e6e6 Version 2.9.0-RC1
Increasing version to 2.9.0-RC1.
2014-11-17 19:34:55 -08:00
Felipe Zimmerle
277f2e1e6f iis: adds openssl to the build scripts
openssl is necessary to have curl talking in https.
2014-11-17 19:32:43 -08:00
Felipe Zimmerle
9fe72b72de Improves the CA validation
On IIS CA validation was not working as libcurl on windows does not look for a
certificate store, unless it is specified. The resource downloads are now
respecting the SecRemoteRulesFailAction.
2014-11-17 19:32:32 -08:00
Felipe Zimmerle
b02256cf1e IIS: temporary removes ssdeep support on IIS
It seems likes ssdeep compilation is facing problems linking on 64bits
platforms. Temporary disable to 2.9.0-RC1 release (IIS only).
2014-11-16 16:56:23 -08:00
Felipe Zimmerle
85c7ba0c7e IIS: Adds ssdeep/libfuzzy to msi installer
fuzzy.dll should be installed by the ModSecurityIIS installer.
2014-11-16 16:56:14 -08:00
Felipe Zimmerle
858d480ec9 iis: Copy yajl.dll into release files folder
This will help the automagically release process
2014-11-15 07:37:57 -08:00
Felipe Zimmerle
73d7955ac1 Fix the compatible IIS versions
At installer file the IIS 6 was considered supported, however, it is
not supported. Supported IIS versions are 7 and 8.
2014-11-14 13:45:49 -08:00
Felipe Zimmerle
9b836b652a Initial support to load rules from a remote server
New directive `SecRemoteRules' was added. It allows the user to load a
set of rules from a given HTTP server.
2014-11-14 11:53:40 -08:00
Felipe Zimmerle
81bde0842d Adds curl support to main core
Curl was used only by mlogc, as we want to expand ModSecurity to load
external rules/resources it is now a dependency of the core as well.
2014-11-14 11:53:40 -08:00
Felipe \"Zimmerle\" Costa
7affec82a8 iis: Adds ssdeep support 2014-11-14 11:53:39 -08:00
Felipe "Zimmerle" Costa
d4c2b96b89 IIS: Changes event ID (Issue #676)
ModSecurityIIS was reporting events to Windows using ID 0
which seems cause an unexpected verbose message at the
event logger window as reported on #676, changing the ID
to 0x1, although will be nice to have separated events for
misconfiguration, warnings, etc...
2014-05-23 09:35:00 -03:00
Felipe "Zimmerle" Costa
0f7cbced8c IIS: Cosmetics: Removes CLFR.
Converts mymodule.cpp from CLRF to Unix format as the rest
of the repository.
2014-05-23 09:30:19 -03:00
Felipe "Zimmerle" Costa
1d3c8349fa IIS: Adds a VS Custom build to speed up the dev process
Custom build stops the IIS Server before start the compilation.
After finish the compilation the ModSecurity.DLL is copied to the
inetsrv folder and the IIS is restarted.
2014-05-23 09:28:15 -03:00
Felipe "Zimmerle" Costa
3a7def63a3 IIS: Adds mlogc to ModSecurity solution 2014-05-22 18:34:29 -03:00
Felipe "Zimmerle" Costa
90c5a420da IIS: Cosmetics: Files are better grouped in VS
This commit places the files inside the correct filters
2014-05-22 10:22:18 -03:00
Felipe Zimmerle
0826380acd Version 2.8.0 2014-03-31 19:31:02 -07:00
Felipe Zimmerle
66939d059b Adds initial support to @detectXSS
Libinject was recently updated to support XSS detection. This commit adds
initial support to it.
2014-03-31 16:22:11 -07:00
Felipe "Zimmerle" Costa
8ff3de5b6f iis: Disables installer repair
Currently we don't have support to repair, so, this commit is
marking it as disabled.
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
d6dd1f0e94 iis: Adding VC110 files to the Windows installer
For some reason the DLLs still demands the dependencies of the
VC110 files. Providing those as part of the MSI installer
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
93b12df721 iis: Removes unnecessary files.
"Installer project" is now longer used.
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
fe727c7021 iis: Updated OWASP crs to version 2.2.9 2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
10db384316 iis: Adds cleanup methods to the installer
Older versions of ModSecurity left files/configurations behind. This commit
adds capability to cleanup the IIS configuration files.
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
f8f06f7930 IIS: Updates build_msi.bat to fit the new WiX install options
Instead of -dPlatform a recent update in the WiX files are demanding
the parameter -arch, although this parameter is not valid nor needed
while running "light".
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
4d7d1ba822 iis: Adds listing dependencies script
This script could be used in order to verify all ModSecurity run time
dependencies. It is now part of ModSecurity folder in Program menu.
Cosmetics changes in the installer
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
619758c0c2 iis: Adds condition to avoid the use of 32b msi on a 64b os
The 64bits version of the package offer the possibility to install the 32bits
version of the DLL along with all 32bits dependencies.
2014-03-31 16:22:10 -07:00
Felipe "Zimmerle" Costa
93a86f6f33 iis: Adds Visual C++ 12.0 Runtime to be part of the msi package
Visual C++ 12.0 Runtime files are now part of ModSecurity MSI package.
Users don't have to download the vcredist files anymore. Build script
was also updated, to handle the new flag -arch.
2014-03-31 16:22:10 -07:00
Felipe Zimmerle
ec61749a68 Changes JSON parser to not accept parcial contents
Also cleanup installer file.
2014-03-31 16:22:10 -07:00
Felipe Zimmerle
a95f37196e Adds JSON support on ISS port
The JSON parse is already supported in Nginx and Apache
versions. This patch adds support on the IIS port.
2014-03-31 16:22:09 -07:00
Felipe Zimmerle
0787b45481 Adds support to JSON parser in the nginx module
Building with --enable-standalone-module was failing due
the lack of the reference to the msc_json.c file inside the
standalone/Makefile.am. This patch also place the dependency
of the yajl to the nginx module config script.
2014-03-31 16:22:09 -07:00
Ulisses Albuquerque
c23097ce18 Added support for JSON body processor 2014-03-31 16:22:09 -07:00
Felipe "Zimmerle" Costa
20014c808c Adds modsecStatusEngineCall to standalone API
In ModSecurityIIS the configuration is loaded upon the first request
is received. In other words, SecStatusEngine value can be only
loaded once the first request hit the server, and so, the status
function was moved to proceed just after the configuration got loaded.
This update is IIS only.
2014-03-31 07:14:55 -07:00
Felipe Zimmerle
e131e2222d Adds support to status engine on IIS version
Fixes on the windows versions: build, mac address and machine name retrieval
2014-03-31 07:14:55 -07:00
Felipe Zimmerle
5342f36162 iis: Uses code 400 instead of 44 in modsecurity.conf
Following the recent changes that has been made on:
modsecurity.conf-recommended
2014-03-31 07:14:55 -07:00
Felipe Zimmerle
a0ed3dbbe2 Merge pull request #666 from derhansen/master
Uses code 400 instead of 44 in modsecurity.conf-recommended
2014-03-31 07:13:46 -07:00
David Andrews
dda91f1689 Standalone: independently destroy the connection and request pools
Add independent modsecFinishConnection API that allows you to independently
destroy the connection and request pools. This is to facilitate reuse of a
connection for multiple requests.
2014-03-03 14:17:00 -08:00
Felipe \"Zimmerle\" Costa
7366f35c1d Code cosmetics.
Changed to reduce the number of possible fails during
Build Bot compilation.
2013-12-12 14:53:32 -08:00
Felipe \"Zimmerle\" Costa
9bf2959c91 iis: Waiting for 5 seconds before move curl directory
Testing buildbot.
2013-12-12 11:47:11 -08:00
Felipe \"Zimmerle\" Costa
ad330a44bf iis: Avoids directory link while building
Build scripts was creating links allowing the project to
be loaded into Visual Studio without care about the
dependencies versions. Sometimes windows refuse to delete
those links leading the script to fail. This patch
moves the sources directories instead of create links
to it.
2013-12-12 11:43:11 -08:00
Felipe \"Zimmerle\" Costa
7b1537058f iis: Using base_rules instead of activated_rules 2013-11-13 18:32:55 -02:00
Felipe \"Zimmerle\" Costa
2ea5a74a7b iis: New improvements on the Wix installer
- Now the installation is divided in modules: ModSecurity and CRS.
- Added default configuration
- Configuration was moved to "Program Files" folder
- Build_msi script now using candle available in %PATH%
2013-11-13 17:26:28 -02:00
Felipe \"Zimmerle\" Costa
1a12648c9f iis: Removes the installer helper dependency
Now using appcmd directly with WiX instead of calling the installer
helper.
2013-11-12 16:22:01 -08:00
Felipe \\\"Zimmerle\\\" Costa
550d5aae21 iis: Remove readme.html
This HTML is about "Creating a Native Module for IIS7" not straight
related to ModSecurity itself.
2013-11-08 10:33:17 -02:00
Felipe \\\"Zimmerle\\\" Costa
a2c5fc831b iis: Adds batch script to compile Wix
This batch script can be used to generate our
msi installer.
2013-11-07 19:22:50 -02:00
Felipe \\\"Zimmerle\\\" Costa
3604763e15 iis: Adds Wix installer resources
This is all about cosmetic changes.
2013-11-07 18:47:16 -02:00
Felipe \\\"Zimmerle\\\" Costa
b32cb7d9ab iis: Adds Wix installer xml file.c
This commit adds the Wix template to our git repository.
2013-11-07 16:49:09 -02:00
Felipe \\\"Zimmerle\\\" Costa
7e03e3f840 iis: build_modsecurity.bat fixies
This commit enable a cleanup on the mod_security build directory
avoiding symbols with different architectures.
2013-11-07 07:01:48 -06:00