Uploaded image for project: 'JBoss Web Server'
  1. JBoss Web Server
  2. JWS-199

RHEL: mod_security: Apache HTTP rules updater is obsolete

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • JWS 3.0.1 CR1
    • JWS 3.0.0 CR1
    • httpd
    • None
    • Release Notes
    • Hide
      The obsolete mod_security rule updater script `rules-updater-jws3.pl` was erroneously included in JBoss Web Server 3.0.

      This script needs an existing repository, but the modsecurity.org repository does not work. If the script is used, it may show output similar to the following:

      ----
      # ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs
      Could not load GnuPG module - cannot verify ruleset signatures
      Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ...
      Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found
      ----

      The obsolete mod_security rule updater script `rules-updater-jws3.pl` has been removed in this release.
      Show
      The obsolete mod_security rule updater script `rules-updater-jws3.pl` was erroneously included in JBoss Web Server 3.0. This script needs an existing repository, but the modsecurity.org repository does not work. If the script is used, it may show output similar to the following: ---- # ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs Could not load GnuPG module - cannot verify ruleset signatures Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ... Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found ---- The obsolete mod_security rule updater script `rules-updater-jws3.pl` has been removed in this release.
    • Documented as Resolved Issue
    • Hide

      1) Change directory to httpd/sbin.
      2) ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs

      Show
      1) Change directory to httpd/sbin. 2) ./rules-updater-jws3.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs

      The Apache httpd rules-updater-jws3.pl script for mod_security needs existing repository, but the modsecurity.org repo (1) does not work (2).

      [root@dell-t7400-01 sbin]# ./rules-updater-jws3.pl  -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Fmodsecurity-crs
Could not load GnuPG module - cannot verify ruleset signatures
Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ...
Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found

      The rules should be at the moment updated manually from OWASP ModSecurity (3, 4) as suggested on modsecurity.org page (5). Please remove the script.

      (1) http://www.modsecurity.org/autoupdate/repository/
      (2) http://sourceforge.net/p/mod-security/mailman/message/31339092/
      (3) https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
      (4) https://github.com/SpiderLabs/owasp-modsecurity-crs
      (5) http://www.modsecurity.org/rules.html

              weli@redhat.com Weinan Li
              fgoldefu@redhat.com Filip Goldefus (Inactive)
              Bogdan Sikora Bogdan Sikora (Inactive)
              Lucas Costi Lucas Costi (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: