Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
litespeed_wiki:mod_security_tips_tricks [2015/07/29 16:09] Michael Alegre removed |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== mod_security tips and tricks ====== | ||
| - | Mod_security engine is built-into LiteSpeed lshttpd binary, which is already an optimized implementation. No further compiling or installation required. | ||
| - | Mod_security engine follows Apache's SecAuditLog. Please also make sure the file is writable by "nobody" user. | ||
| - | |||
| - | Even though we try hard to be compatible with most popular mod_security rules, at the moment, customers still experience some incompatibility issues from time to time. [[http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility|Here]] we have addressed the issues. However, to help workaround them, we create this list of tips and tricks. Hopefully, their lives become easier before the issues get resolved permanently. | ||
| - | |||
| - | === Not Yet Support Features === | ||
| - | * @inspectFile (http://www.litespeedtech.com/support/forum/showpost.php?p=46121&postcount=3 by ElliotP) | ||
| - | <file> | ||
| - | With CXS (http://configserver.com/cp/cxs.html) if you use the CXS Watch feature, | ||
| - | it will listen for new and modified files and scan them anyway, so you get the | ||
| - | same result, without needing @inspectFile | ||
| - | </file> | ||
| - | |||
| - | <file> | ||
| - | There is another free alternative, through PHP suhosin upload.verification_script | ||
| - | https://suhosin.org/stories/configuration.html#suhosin-upload-verification-script | ||
| - | |||
| - | </file> | ||
| - | |||
| - | For the @inspectFile support, we do have a plan to implement it in 5.x release. | ||