如何在Linux中禁用Mod_Security. [英] How to disable Mod_Security in linux.

问题描述

大家好，

我试图运行cgi-bin文件夹下的一些脚本，但是mod_security不允许我这样做.
我尝试通过在文档根目录(我认为是/var/www/html)下创建具有以下值的.htaccess禁用mod_security

Hello all,

I was trying to run some script which is under cgi-bin folder, but mod_security is not allowing me to do so.
I tried disabling mod_security by creating .htaccess under my document root (I think which is /var/www/html) with following values

<IfModule mod_security2.c>
SecRuleEngine Off
SecAuditEngine Off
</IfModule>

但我仍然可以在http错误日志中看到:

but still I could see in http error log:

[Thu Mar 10 21:36:22 2011] [error] [client 10.206.152.61] ModSecurity: Access denied with code 501 (phase 2). Match of "rx (?:^(?:application\\\\/x-www-form-urlencoded(?:;(?:\\\\s?charset\\\\s?=\\\\s?[\\\\w\\\\d\\\\-]{1,18})?)??$|multipart/form-data;)|text/xml)" against "REQUEST_HEADERS:Content-type" required. [id "960010"] [msg "Request content type is not allowed by policy"] [severity "WARNING"] [hostname "10.209.116.191"] [uri "/cgi-bin/perf.pl"] [unique_id "BtPUSX8AAAEAADttKm0AAAAB"]
----------------------

有人可以帮我吗，我想念什么还是有其他替代方法吗?
(我正在使用apache 2.2.6版)

在此先感谢
Tanuj

Can someone help me out , am I missing something or is there any alternative way?
(I am using apache version 2.2.6)

Thanks in advance
Tanuj

推荐答案

| multipart/form-data;)| text/xml)针对"REQUEST_HEADERS:Content-type".[id" 960010] [msg 策略不允许请求的内容类型"] [严重性警告"] [主机名"10.209.116.191"] [uri"/cgi-bin/perf.pl"] [unique_id"BtPUSX8AAAEAADttKm0AAAAB"] ----------------------

|multipart/form-data;)|text/xml)" against "REQUEST_HEADERS:Content-type" required. [id "960010"] [msg "Request content type is not allowed by policy"] [severity "WARNING"] [hostname "10.209.116.191"] [uri "/cgi-bin/perf.pl"] [unique_id "BtPUSX8AAAEAADttKm0AAAAB"] ----------------------

有人可以帮我吗，我想念什么还是有其他替代方法吗?
(我正在使用apache 2.2.6版)

在此先感谢
Tanuj

Can someone help me out , am I missing something or is there any alternative way?
(I am using apache version 2.2.6)

Thanks in advance
Tanuj

我不知道您的httpd.conf和相关文件，您呢?

您是否有类似modsecurity_crs_15_customrules.conf的文件? ModSecurity是另一个由所有这些文件控制的Apache模块，没什么特别的，但是您需要动手学习本产品及其语法.您可能会删除该产品的任何使用，甚至将其卸载，但是首先安装安全性的目的是什么?我想一定安全.因此，我建议您仅学习规则并使用相关的语法.这是整个语言.

您是否阅读过以下内容: http://www.modsecurity .org/documentation/modsecurity-apache/2.5.12/modsecurity2-apache-reference.html#configuration-directives [

I don''t know your httpd.conf and related files, how about you?

Do you have something like modsecurity_crs_15_customrules.conf file? ModSecurity is just yes another Apache module, controlled by all those files, nothing special, but you need to make you hands dirty and learn this product and its syntax. You can of cause remove any use of this product or even uninstall it, but what was the purpose of installing security in first place? Some security, I presume. So I suggests you simply learn the rules and use related syntax. This is whole language.

Did you read this: http://www.modsecurity.org/documentation/modsecurity-apache/2.5.12/modsecurity2-apache-reference.html#configuration-directives[^]?

—SA

如何禁用:
1.检入httpd.conf文件，从该目录面向所有conf文件->在大多数情况下，它是:< pre.conf.d/*.conf</pre>这意味着将使用conf.d目录下的所有配置文件.

2.现在转到/etc/httpd/conf.d目录，并检查mod_security.conf文件.
3.打开该文件，您可以看到将所有规则用于Web服务器modsecurity.
4.评论您不想使用的规则
例如. < code> lang ="xml">& lt; IfModule mod_security2.c
#这是ModSecurity核心规则集.
#基本配置进入此处
#包含modsecurity.d/modsecurity_crs_10_config.conf
#协议违规和异常.
#包含modsecurity.d/modsecurity_crs_20_protocol_violations.conf
#include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf</code>

如您所见，我不想使用协议验证规则，因此我注释了这一行特殊代码.
5.现在重新启动您的httpd服务/etc/init.d/httpd重新启动

谢谢
tanuj

how to disable:
1. check in httpd.conf file , from where it is facing all the conf file -> in most of the cases it is : <pre>conf.d/*.conf</pre> which means is will use all the config file under conf.d dir.

2. now go to /etc/httpd/conf.d dir and check for mod_security.conf file.
3. open this file , and you can see what all rules will be used for web-server modsecurity.
4 . comment the rule which you don''t want to use
eg. <code>lang="xml">&lt;IfModule mod_security2.c
# This is the ModSecurity Core Rules Set.
# Basic configuration goes in here
# Include modsecurity.d/modsecurity_crs_10_config.conf
# Protocol violation and anomalies.
# Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf
#Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf</code>

as you can see i don''t want to use protocol validation rule , so i commented this particular line of code.
5. now restart you httpd service /etc/init.d/httpd restart

thanks
tanuj

这篇关于如何在Linux中禁用Mod_Security.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！