Uploaded image for project: 'JBoss Web Server'
  1. JBoss Web Server
  2. JWS-199

RHEL: mod_security: Apache HTTP rules updater is obsolete

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • JWS 3.0.1 CR1
    • JWS 3.0.0 CR1
    • httpd
    • None
    • Release Notes
    • Hide
      The obsolete mod_security rule updater script `rules-updater-jws3.pl` was erroneously included in JBoss Web Server 3.0.

      This script needs an existing repository, but the modsecurity.org repository does not work. If the script is used, it may show output similar to the following:

      ----
      # ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs
      Could not load GnuPG module - cannot verify ruleset signatures
      Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ...
      Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found
      ----

      The obsolete mod_security rule updater script `rules-updater-jws3.pl` has been removed in this release.
      Show
      The obsolete mod_security rule updater script `rules-updater-jws3.pl` was erroneously included in JBoss Web Server 3.0. This script needs an existing repository, but the modsecurity.org repository does not work. If the script is used, it may show output similar to the following: ---- # ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs Could not load GnuPG module - cannot verify ruleset signatures Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ... Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found ---- The obsolete mod_security rule updater script `rules-updater-jws3.pl` has been removed in this release.
    • Documented as Resolved Issue
    • Hide

      1) Change directory to httpd/sbin.
      2) ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs

      Show
      1) Change directory to httpd/sbin. 2) ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs

    Description

      The Apache httpd rules-updater-jws3.pl script for mod_security needs existing repository, but the modsecurity.org repo (1) does not work (2).

      [root@dell-t7400-01 sbin]# ./rules-updater-jws3.pl  -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs
Could not load GnuPG module - cannot verify ruleset signatures
Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ...
Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found

      The rules should be at the moment updated manually from OWASP ModSecurity (3, 4) as suggested on modsecurity.org page (5). Please remove the script.

      (1) http://www.modsecurity.org/autoupdate/repository/
      (2) http://sourceforge.net/p/mod-security/mailman/message/31339092/
      (3) https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
      (4) https://github.com/SpiderLabs/owasp-modsecurity-crs
      (5) http://www.modsecurity.org/rules.html

      Attachments

        Activity

          People

            weli@redhat.com Weinan Li
            fgoldefu@redhat.com Filip Goldefus (Inactive)
            Bogdan Sikora Bogdan Sikora (Inactive)
            Lucas Costi Lucas Costi (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: