Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:mod_security_tips_tricks [2015/04/07 21:54] Jackson Zhang |
litespeed_wiki:mod_security_tips_tricks [2015/07/29 16:09] Michael Alegre removed |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== mod_security tips and tricks ====== | ====== mod_security tips and tricks ====== | ||
| Mod_security engine is built-into LiteSpeed lshttpd binary, which is already an optimized implementation. No further compiling or installation required. | Mod_security engine is built-into LiteSpeed lshttpd binary, which is already an optimized implementation. No further compiling or installation required. | ||
| + | |||
| + | Mod_security engine follows Apache's SecAuditLog. Please also make sure the file is writable by "nobody" user. | ||
| Even though we try hard to be compatible with most popular mod_security rules, at the moment, customers still experience some incompatibility issues from time to time. [[http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility|Here]] we have addressed the issues. However, to help workaround them, we create this list of tips and tricks. Hopefully, their lives become easier before the issues get resolved permanently. | Even though we try hard to be compatible with most popular mod_security rules, at the moment, customers still experience some incompatibility issues from time to time. [[http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility|Here]] we have addressed the issues. However, to help workaround them, we create this list of tips and tricks. Hopefully, their lives become easier before the issues get resolved permanently. | ||
| Line 7: | Line 9: | ||
| * @inspectFile (http://www.litespeedtech.com/support/forum/showpost.php?p=46121&postcount=3 by ElliotP) | * @inspectFile (http://www.litespeedtech.com/support/forum/showpost.php?p=46121&postcount=3 by ElliotP) | ||
| <file> | <file> | ||
| - | With CSX (http://configserver.com/cp/cxs.html) if you use the CXS Watch feature, | + | With CXS (http://configserver.com/cp/cxs.html) if you use the CXS Watch feature, |
| it will listen for new and modified files and scan them anyway, so you get the | it will listen for new and modified files and scan them anyway, so you get the | ||
| same result, without needing @inspectFile | same result, without needing @inspectFile | ||