Those look good to me, and you might want to add some extra ones just to start.
# Log only relevant entries and log it
SecAuditEngine RelevantOnly
SecAuditLog /var/log/httpd/modsec_audit.log
# Filter only Dynamic content (to minimize performance impact) should be tested to be sure that it does what is expected
SecFilter DynamicOnly
Just my 2 cents :)
Paulo
2008/11/21 Dennis Gilmore <dennis@xxxxxxxx>
forwarding to the correct list
-------------------------------------------------------
---------- Forwarded Message ----------
Subject: [Fedora-sysadmin-list] Web Security
Date: Friday 21 November 2008
From: "Damian Myerscough" <damian.myerscough@xxxxxxxxx>
To: "Fedora Administration and Infrastructure project" <fedora-sysadmin-
list@xxxxxxxxxx>
Hello All,
I have managed to get a bit of free time to create some simple rules
for mod_security
which would be suitable for the web servers which we are currently
running. I have wrote
some generic rules which should be compatible with all the web
servers. However, we could
write rules which are much stricter for the web applications that are
hosted off the web servers.
Let me know what people think about the rules that I have attached.
Just a note, the final rule should point to maybe a security notice...
it would currently just redirect users
to fedoraproject.org.
--
Regards,
Damian Myerscough
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list