Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:config:mod_security_faq [2018/11/27 20:51] Jackson Zhang [LSWS doesn't support "LocationMatch" directive] |
litespeed_wiki:config:mod_security_faq [2019/06/06 15:34] qtwrk |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Mod Security FAQ for LiteSpeed Web Server ====== | ====== Mod Security FAQ for LiteSpeed Web Server ====== | ||
+ | |||
+ | ===== Does LSWS Support the "@inspectFile" ? ===== | ||
+ | |||
+ | Yes, but please make sure that when use @inspectFile with 3rd-party scanner, the script returns ''0'' for block , and ''1'' for continue/pass. | ||
+ | |||
+ | Example code from mod_security [[https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#inspectfile|reference manual]]: | ||
+ | |||
+ | <code> | ||
+ | $output = "0 Unable to parse clamscan output [$1]"; | ||
+ | |||
+ | if ($error_message =~ m/: Empty file\.?$/) { | ||
+ | $output = "1 empty file"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: (.+) ERROR$/) { | ||
+ | $output = "0 clamscan: $1"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: (.+) FOUND$/) { | ||
+ | $output = "0 clamscan: $1"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: OK$/) { | ||
+ | $output = "1 clamscan: OK"; | ||
+ | } | ||
+ | </code> | ||
===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ||
Line 46: | Line 69: | ||
The above error messages simply mean the given variables are not supported by LSWS yet. The errors can simply be ignored. We periodically review our mod_security engine and frequently add new support. Stay tuned. | The above error messages simply mean the given variables are not supported by LSWS yet. The errors can simply be ignored. We periodically review our mod_security engine and frequently add new support. Stay tuned. | ||
- | ===== You should not place 'SecDebugLogLevel' inside "LocationMatch" context ===== | + | ===== Does LSWS Support the "LocationMatch" directive? ===== |
- | When you use 'SecDebugLogLevel', 'SecAuditLogParts' or 'SecAuditLog' within "LocationMatch" directive, you may see the following error on LSWS: | + | When you use ''SecDebugLogLevel'', ''SecAuditLogParts'' or ''SecAuditLog'' within the ''LocationMatch'' directive, you may see the following errors on LSWS: |
Directive 'SecDebugLogLevel' is not allowed in current context. | Directive 'SecDebugLogLevel' is not allowed in current context. | ||
Directive 'SecAuditLogParts' is not allowed in current context. | Directive 'SecAuditLogParts' is not allowed in current context. | ||
Directive 'SecAuditLog' is not allowed in current context. | Directive 'SecAuditLog' is not allowed in current context. | ||
- | LSWS does support "LocationMatch" context but doesn't allow those three directives configured in it. Audit log is only set at server level, while debug log level can be set at vhost level. We have no plan to make it available at matching context level, which will be counterproductive to the optimization applied to the engine. | + | LiteSpeed Web Server //does// support the ''LocationMatch'' context, however the above three directives may not be configured within it. On LSWS, audit log can only be set at the server level, and the debug log level can be set at vhost level. We have no plans to make these directives available at the matching context level, as it would be counterproductive to the optimization applied to the engine. |