LinuxQuestions.org


n00b_noob 03-02-2021 12:51 PM

What is the difference between "/etc/httpd/conf.d/" and "/etc/httpd/conf.modules.d/" directories?
 
Hello,
I'm using CentOS 8 x86_64 and I installed ModSecurity on it.
According to https://github.com/coreruleset/corer....4/dev/INSTALL, I must add the lines below to the "httpd.conf/apache2.conf" file, but that file is for Debian:
Code:

<IfModule security2_module>
    Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf
    Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf
</IfModule>

I found two files about the ModSecurity:
  1. /etc/httpd/conf.modules.d/10-mod_security.conf
  2. /etc/httpd/conf.d/mod_security.conf
But which file is the right one to add the above lines to?

Thank you.

berndbausch 03-02-2021 04:22 PM

Why don't you look inside? They are simple text files. If I remember well, one is for configuring Apache to use mod_security. The other is for configuring mod_security itself. Which is which? I suggest you figure it out.

n00b_noob 03-03-2021 12:50 AM

Quote:

Originally Posted by berndbausch (Post 6226613)
Why don't you look inside? They are simple text files. If I remember well, one is for configuring Apache to use mod_security. The other is for configuring mod_security itself. Which is which? I suggest you figure it out.

Thank you.
I did, but I'm not familiar with it and don't know which one is for configuring Apache to use mod_security and which one is for configuring mod_security itself.
The content of the first file is:
Code:

$ cat /etc/httpd/conf.modules.d/10-mod_security.conf
LoadModule security2_module modules/mod_security2.so
<IfModule !mod_unique_id.c>
    LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>

And the content of the second file is:
https://paste.ubuntu.com/p/Rtz6jRrwzT/

I added the lines below to the "/etc/httpd/conf.d/mod_security.conf" file and restarted my Apache:
Code:

IncludeOptional modsecurity.d/owasp-modsecurity-crs/*.conf
IncludeOptional modsecurity.d/owasp-modsecurity-crs/rules/*.conf

But I got the error below:
Code:

httpd.service - The Apache HTTP Server
  Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/httpd.service.d
          └─php-fpm.conf
  Active: failed (Result: exit-code) since Wed 2021-03-03 10:23:52 +0330; 13s ago
    Docs: man:httpd.service(8)
  Process: 4023589 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
  Process: 4167747 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 4167747 (code=exited, status=1/FAILURE)
  Status: "Reading configuration..."

Mar 03 10:23:51 extra systemd[1]: Starting The Apache HTTP Server...
Mar 03 10:23:52 extra httpd[4167747]: [Wed Mar 03 10:23:52.263542 2021] [so:warn] [pid 4167747:tid 134683729852736>
Mar 03 10:23:52 extra httpd[4167747]: AH00526: Syntax error on line 829 of /etc/httpd/modsecurity.d/owasp-modsecur>
Mar 03 10:23:52 extra httpd[4167747]: ModSecurity: Found another rule with the same id
Mar 03 10:23:52 extra systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Mar 03 10:23:52 extra systemd[1]: httpd.service: Failed with result 'exit-code'.
Mar 03 10:23:52 extra systemd[1]: Failed to start The Apache HTTP Server.

And line 829 of that file is:
Code:

SecAction \
 "id:900990,\
  phase:1,\
  nolog,\
  pass,\
  t:none,\
  setvar:tx.crs_setup_version=330"  ==> Line 829

I never modified that file!!!

scasey 03-03-2021 01:03 AM

This is the definitive documentation for the Apache web server.
Search, read and learn....

berndbausch 03-03-2021 02:34 AM

Quote:

Originally Posted by n00b_noob (Post 6226728)
Code:

$ cat /etc/httpd/conf.modules.d/10-mod_security.conf
LoadModule security2_module modules/mod_security2.so
<IfModule !mod_unique_id.c>
    LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>


LoadModule is an Apache directive. This is to configure Apache.

Quote:

Originally Posted by n00b_noob (Post 6226551)
According to https://github.com/coreruleset/corer....4/dev/INSTALL, I must add the lines below to the "httpd.conf/apache2.conf" file, but that file is for Debian

I think the central config file in CentOS is /etc/httpd/conf/httpd.conf.

I can't comment on the rest. Perhaps scasey's link helps.

n00b_noob 03-03-2021 05:57 AM

Quote:

Originally Posted by berndbausch (Post 6226748)
LoadModule is an Apache directive. This is to configure Apache.


I think the central config file in CentOS is /etc/httpd/conf/httpd.conf.

I can't comment on the rest. Perhaps scasey's link helps.

If you look at https://paste.ubuntu.com/p/Rtz6jRrwzT/, it has a "# ModSecurity Core Rules Set and Local configuration" section that starts with "IncludeOptional". Because of that, I added those lines to this section!!

n00b_noob 03-06-2021 05:03 AM

My problem is solved.
I removed the rules that I installed manually and the problem was solved. It was a kind of conflict.
When you install the "mod_security_crs" package, it installs the OWASP ModSecurity Core Rule Set.
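
Added example, not part of any post in this thread: a small Python check that finds the condition behind "ModSecurity: Found another rule with the same id", which occurs when two copies of a rule set are included at once. The file contents are constructed, and the second path is a hypothetical placeholder for wherever a packaged copy lives.

```python
import re
from collections import defaultdict

# Heuristic: first "id:<digits>" on a SecRule/SecAction logical line.
ID_RE = re.compile(r"\bid\s*:\s*'?(\d+)'?")
DIRECTIVE_RE = re.compile(r"^\s*(SecRule|SecAction)\b", re.IGNORECASE)

def logical_lines(text):
    """Join backslash-continued lines; yield (first_line_no, joined_text)."""
    buf, start = [], None
    for no, line in enumerate(text.splitlines(), 1):
        if start is None:
            start = no
        stripped = line.rstrip()
        if stripped.endswith("\\"):
            buf.append(stripped[:-1])
            continue
        buf.append(stripped)
        yield start, " ".join(buf)
        buf, start = [], None
    if buf:  # file ended in the middle of a continuation
        yield start, " ".join(buf)

def rule_ids(text):
    """Yield (rule_id, line_no) for each active rule; comment lines never match."""
    for no, line in logical_lines(text):
        if DIRECTIVE_RE.match(line):
            m = ID_RE.search(line)
            if m:
                yield int(m.group(1)), no

def find_duplicate_ids(files):
    """files maps path -> content; returns {id: [(path, line), ...]} for repeated ids."""
    seen = defaultdict(list)
    for path, text in files.items():
        for rid, no in rule_ids(text):
            seen[rid].append((path, no))
    return {rid: locs for rid, locs in seen.items() if len(locs) > 1}

# Constructed sample: the rule quoted in the thread, present in two included files.
SETUP = r'''# constructed excerpt
SecAction \
 "id:900990,\
  phase:1,\
  nolog,\
  pass,\
  t:none,\
  setvar:tx.crs_setup_version=330"
'''
SAMPLE_FILES = {
    "modsecurity.d/owasp-modsecurity-crs/crs-setup.conf": SETUP,
    "modsecurity.d/PLACEHOLDER-packaged-crs-setup.conf": "# constructed copy\n" + SETUP,
}
```

To use it on a real system, build the `files` mapping from every file matched by the `Include` and `IncludeOptional` lines in the active configuration, then remove one of the two sources for each reported id.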

berndbausch 03-06-2021 06:18 AM

Quote:

Originally Posted by n00b_noob (Post 6227834)
My problem is solved.

If I may comment on your question: You didn't mention any problem until now. If you want the community to help you solve the problem, state it.

