What is the difference between "/etc/httpd/conf.d/" and "/etc/httpd/conf.modules.d/" directories?
Hello,
I'm using CentOS 8 x86_64 and I installed ModSecurity on it. According to the https://github.com/coreruleset/corer....4/dev/INSTALL, I must add below lines to the "httpd.conf/apache2.conf" file, but that file is for Debian: Code:
<IfModule security2_module>
Thank you. |
Why don't you look inside? They are simple text files. If I remember well, one is for configuring Apache to use mod_security. The other is for configuring mod_security itself. Which is which? I suggest you figure it out.
|
Quote:
I did, but I'm not familiar with it and don't know which one is for configuring Apache to use mod_security and which one is for configuring mod_security itself. The content of the first file is : Code:
$ cat /etc/httpd/conf.modules.d/10-mod_security.conf https://paste.ubuntu.com/p/Rtz6jRrwzT/ I added below lines to "/etc/httpd/conf.d/mod_security.conf" file and restarted my Apache: Code:
IncludeOptional modsecurity.d/owasp-modsecurity-crs/*.conf Code:
httpd.service - The Apache HTTP Server Code:
SecAction \ |
This is the definitive documentation for the Apache web server.
Search, read and learn.... |
Quote:
Quote:
I can't comment on the rest. Perhaps scasey's link helps. |
Quote:
|
My problem solved.
I removed the rules that I installed manually and problem solved. Kind of conflict. When you install "mod_security_crs" package, then it installed the OWASP ModSecurity Core Rule Set. |
Quote:
|
All times are GMT -5. The time now is 01:17 AM. |