Uploaded image for project: 'JBoss Core Services'
  1. JBoss Core Services
  2. JBCS-353

Should be mod_security enabled by defautl?

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Won't Fix
    • httpd 2.4.23 GA, httpd 2.4.23 SP1 ER1, httpd 2.4.29 DR5
    • None
    • httpd, mod_security, rpm, zip
    • None
    • Hide

      yum groupinstall jbcs-http24

      Show
      yum groupinstall jbcs-http24
    • Compatibility/Configuration, User Experience

    Description

      There are multiple module packages installed as part of groupinstall of jbcs-httpd24, but only mod_security is enabled. Other modules have their configs present only as .sample files. What is the reason for enabling mod_security by default?

      Actual state:

      .qa.[root@hp-dl380pgen8-02-vm-7]# find /opt/rh/jbcs-httpd24/root/ -name "*mod_security.conf"
      /opt/rh/jbcs-httpd24/root/etc/httpd/conf.d/mod_security.conf
      /opt/rh/jbcs-httpd24/root/etc/httpd/conf.modules.d/10-mod_security.conf
      
      

      Expected:
      /opt/rh/jbcs-httpd24/root/etc/httpd/conf.d/mod_security.conf.sample
      /opt/rh/jbcs-httpd24/root/etc/httpd/conf.modules.d/10-mod_security.conf.sample

      rhn-engineering-jclererhn-support-csutherl WDYT?

      Attachments

        Activity

          People

            gzaronik@redhat.com George Zaronikas
            jonderka@redhat.com Jan Onderka
            Jan Onderka Jan Onderka
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: