CPANEL ModSec2 not working with SecFilterSelective
Posted
by
jfreak53
on Server Fault
See other posts from Server Fault
or by jfreak53
Published on 2012-10-21T13:19:20Z
Indexed on
2012/10/27
5:05 UTC
Read the original article
Hit count: 241
Ok, I have cPanel/WHM latest on a Dedi, here are my specs on apache:
Server version: Apache/2.2.23 (Unix)
Server built: Oct 13 2012 19:33:23
Cpanel::Easy::Apache v3.14.13 rev9999
I just ran a re-compile using easyapache as you can see by the date. When running it I made sure that ModSec was selected and it stated in big bold letters something to the effect of If you install Apache 2.2.x you get ModSec 2
So I believed it :)
I recompiled, I then ran:
grep -i release /home/cpeasyapache/src/modsecurity-apache_2.6.8/apache2/mod_security2.c
Hmm, the file is there but grep doesn't output anything, if I run:
grep -i release /home/cpeasyapache/src/modsecurity-apache_1.9.5/apache2/mod_security.c
I of course get the ModSec 1 version output. But the thing is that ModSec2 is installed since the c file is there.
So I continued and put the following in modsec2.user.conf
:
SecFilterScanOutput On
SecFilterSelective OUTPUT "text"
Now when I restart Apache I get this error:
Syntax error on line 1087 of /usr/local/apache/conf/modsec2.user.conf:
Invalid command 'SecFilterScanOutput', perhaps misspelled or defined by a module not included in the server configuration
Now supposedly this is supposed to work, I even have it running in ModSec2 on a non-cpanel server setup manually. So I know ModSec2 supports it.
Anyone have any ideas? I have asked this question over at cpanel forum and it got nowhere.
© Server Fault or respective owner