[CKAN-Security] ckan and mod_security2

• Previous message: [CKAN-Security] Your CDN cache seem to be polluted
• Next message: [CKAN-Security] ckan and mod_security2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
How can I install mod_security for my CKAN.
I followed this tutorial:
https://tecadmin.net/install-modsecurity-with-apache-on-centos-rhel/
And installed successfully.

But my CKAN instance is not affected by it.

I've now installed apache mod_security2. And it is now enabled.
*SecRuleEngine On*
But how do I connect my CKAN instance with mod_security2 ?
It seems that my CKAN is not affected by mod_security2.
I've tried appending like http://myckan/folder?abc=/../../test
And I don't see in log that the access was denied.

Interestingly the other website in the same server was noticing the
mod_security
http://my_mediawiki/folder/?abc=/../../test
The log captured the mod_security in action.

Hope to hear from you soon.
Thanks,
Eli Agbayani

-- 
You received this message because you are subscribed to the Google Groups "CKAN Security" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security+unsubscribe at ckan.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190923/936d0c98/attachment.html>

• Previous message: [CKAN-Security] Your CDN cache seem to be polluted
• Next message: [CKAN-Security] ckan and mod_security2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]