From 44bb637bbe7dcd478fb0559156493a5190494c2b Mon Sep 17 00:00:00 2001 From: Yang Luo Date: Sat, 28 Jul 2018 22:09:13 +0800 Subject: [PATCH 1/2] Reformat the README to Markdown --- README.TXT | 110 ----------------------- README.md | 70 +++++++++++++++ README_WINDOWS.TXT => README_WINDOWS.md | 112 ++++++++++++------------ 3 files changed, 128 insertions(+), 164 deletions(-) delete mode 100644 README.TXT create mode 100644 README.md rename README_WINDOWS.TXT => README_WINDOWS.md (52%) diff --git a/README.TXT b/README.TXT deleted file mode 100644 index 03767e345f..0000000000 --- a/README.TXT +++ /dev/null @@ -1,110 +0,0 @@ -ModSecurity for Apache 2.x, http://www.modsecurity.org/ -Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/) - -You may not use this file except in compliance with -the License.  You may obtain a copy of the License at - -    http://www.apache.org/licenses/LICENSE-2.0 - -If any of the files related to licensing are missing or if you have any -other questions related to licensing please contact Trustwave Holdings, Inc. -directly using the email address security@modsecurity.org. - - -DOCUMENTATION - -Please refer to the documentation folder (/doc) for -the reference manual. - - -############################################## ----------------------------------- -OWASP ModSecurity Core Rule Set (CRS) - - -Project Site: -https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project - - -Download: -https://github.com/SpiderLabs/owasp-modsecurity-crs - ----------------------------------- - -ModSecurity™ is a web application firewall engine that provides very -little protection on its own. In order to become useful, ModSecurity™ must -be configured with rules. In order to enable users to take full advantage -of ModSecurity™ out of the box, Trustwave's SpiderLabs is providing a free -certified rule set for ModSecurity™ 2.x. Unlike intrusion detection and -prevention systems, which rely on signatures specific to known -vulnerabilities, the Core Rules provide generic protection from unknown -vulnerabilities often found in web applications, which are in most cases -custom coded. The Core Rules are heavily commented to allow it to be used -as a step-by-step deployment guide for ModSecurity™. -Core Rules Content - -In order to provide generic web applications protection, the Core Rules -use the following techniques: - -* HTTP Protection - detecting violations of the HTTP protocol and a -locally defined usage policy. -* Real-time Blacklist Lookups - utilizes 3rd Party IP Reputation -* Web-based Malware Detection - identifies malicious web content by check -against the Google Safe Browsing API. -* HTTP Denial of Service Protections - defense against HTTP Flooding and -Slow HTTP DoS Attacks. -* Common Web Attacks Protection - detecting common web application -security attack. -* Automation Detection - Detecting bots, crawlers, scanners and other -surface malicious activity. -* Integration with AV Scanning for File Uploads - detects malicious files -uploaded through the web application. -* Tracking Sensitive Data - Tracks Credit Card usage and blocks leakages. -* Trojan Protection - Detecting access to Trojans horses. -* Identification of Application Defects - alerts on application -misconfigurations. -* Error Detection and Hiding - Disguising error messages sent by the -server. - - ----------------------------------- -ModSecurity Rules from Trustwave SpiderLabs - -Project Site: -https://www.trustwave.com/modsecurity-rules-support.php - -Download: -https://ssl.trustwave.com/web-application-firewall - ----------------------------------- - - - -Trustwave now provides a commercial certified rule set for ModSecurity 2.x -that protects against known attacks that target vulnerabilities in public -software and are based on intelligence gathered from real-world -investigations, honeypot data and research. - -1. More than 16,000 specific rules, broken out into the following attack -categories: - * SQL injection - * Cross-site Scripting (XSS) - * Local File Include - * Remote File Include - -2. User option for application specific rules, covering the same -vulnerability classes for applications such as: - * WordPress - * cPanel - * osCommerce - * Joomla - * For a complete listing of application coverage, please refer to this -link (which is updated daily). -https://modsecurity.org/application_coverage.html - -3. Complements and integrates with the OWASP Core Rule Set -4. IP Reputation capabilities which provide protection against malicious -clients identified by the Trustwave SpiderLabs Distributed Web Honeypots -5. Malware Detection capabilities which prevent your web site from -distributing malicious code to clients. -############################################## diff --git a/README.md b/README.md new file mode 100644 index 0000000000..a40c07e8a0 --- /dev/null +++ b/README.md @@ -0,0 +1,70 @@ +ModSecurity for Apache 2.x +====== + +http://www.modsecurity.org/ + +Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/) + +You may not use this file except in compliance with the License. You may obtain a copy of the License at: https://www.apache.org/licenses/LICENSE-2.0 + +If any of the files related to licensing are missing or if you have any other questions related to licensing please contact Trustwave Holdings, Inc. directly using the email address: security@modsecurity.org. + + +## Documentation + +Please refer to: [the documentation folder](https://github.com/SpiderLabs/ModSecurity/tree/v2/master/doc) for the reference manual. + +## OWASP ModSecurity Core Rule Set (CRS) + +Project Site: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project + +Download: https://github.com/SpiderLabs/owasp-modsecurity-crs + +ModSecurity™ is a web application firewall engine that provides very little protection on its own. In order to become useful, ModSecurity™ must be configured with rules. In order to enable users to take full advantage of ModSecurity™ out of the box, Trustwave's SpiderLabs is providing a free certified rule set for ModSecurity™ 2.x. + +Unlike intrusion detection and prevention systems, which rely on signatures specific to known vulnerabilities, the Core Rules provide generic protection from unknown vulnerabilities often found in web applications, which are in most cases custom coded. The Core Rules are heavily commented to allow it to be used as a step-by-step deployment guide for ModSecurity™. + +### Core Rules Content + +In order to provide generic web applications protection, the Core Rules use the following techniques: + +* **HTTP Protection** - detecting violations of the HTTP protocol and a locally defined usage policy. +* **Real-time Blacklist Lookups** - utilizes 3rd Party IP Reputation +* **Web-based Malware Detection** - identifies malicious web content by check against the Google Safe Browsing API. +* **HTTP Denial of Service Protections** - defense against HTTP Flooding and Slow HTTP DoS Attacks. +* **Common Web Attacks Protection** - detecting common web application security attack. +* **Automation Detection** - Detecting bots, crawlers, scanners and other surface malicious activity. +* **Integration with AV Scanning for File Uploads** - detects malicious files uploaded through the web application. +* **Tracking Sensitive Data** - Tracks Credit Card usage and blocks leakages. +* **Trojan Protection** - Detecting access to Trojans horses. +* **Identification of Application Defects** - alerts on application misconfigurations. +* **Error Detection and Hiding** - Disguising error messages sent by the server. + +## ModSecurity Rules from Trustwave SpiderLabs + +Project Site: https://www.trustwave.com/modsecurity-rules-support.php + +Download: https://ssl.trustwave.com/web-application-firewall + +Trustwave now provides a commercial certified rule set for ModSecurity 2.x that protects against known attacks that target vulnerabilities in public software and are based on intelligence gathered from real-world investigations, honeypot data and research. + +1. More than 16,000 specific rules, broken out into the following attack categories: + + * SQL injection + * Cross-site Scripting (XSS) + * Local File Include + * Remote File Include + +2. User option for application specific rules, covering the same vulnerability classes for applications such as: + + * WordPress + * cPanel + * osCommerce + * Joomla + * For a complete listing of application coverage, please refer to this link (which is updated daily): https://modsecurity.org/application_coverage.html + +3. Complements and integrates with the OWASP Core Rule Set + +4. IP Reputation capabilities which provide protection against malicious clients identified by the Trustwave SpiderLabs Distributed Web Honeypots + +5. Malware Detection capabilities which prevent your web site from distributing malicious code to clients. diff --git a/README_WINDOWS.TXT b/README_WINDOWS.md similarity index 52% rename from README_WINDOWS.TXT rename to README_WINDOWS.md index 94c2bc9db9..30ee2e97f1 100644 --- a/README_WINDOWS.TXT +++ b/README_WINDOWS.md @@ -1,37 +1,32 @@ -===================================================================== -MOD_SECURITY 2.6 Command-line Build notes for Windows 4/2/2011 -by Tom Donovam -===================================================================== -PREREQUISITES: +## ModSecurity 2.x Command-line build notes for Windows - Microsoft Visual Studio C++ tested with Visual Studio 2008 (aka VC9) +by Tom Donovam, 4/2/2011 - CMake build system from: http://www.cmake.org/ tested with CMake v2.8.0 - Apache 2.2.x from: http://httpd.apache.org/ tested with Apache 2.2.17 - Apache must be built from source using the same Visual Studio compiler as mod_security. +## Prerequisites: - PCRE Perl Compatible Regular Expression library from: http://www.pcre.org/ tested with PCRE v8.12 +Dependency | Tested with | Note +----|------|---- +Microsoft Visual Studio C++ | Visual Studio 2008 (aka VC9) | +[CMake build system](http://www.cmake.org/) | CMake v2.8.0 | +[Apache 2.2.x](http://httpd.apache.org/) | Apache 2.2.17 | Apache must be built from source using the same Visual Studio compiler as mod_security. +[PCRE, Perl Compatible Regular Expression library](http://www.pcre.org/) | PCRE v8.12 +[LibXML2](http://xmlsoft.org/) | LibXML2 v2.7.7 | Note that LibXML2 v2.7.8 does not build correctly for Windows +[Lua Scripting Language](http://www.lua.org/) | Lua v5.1.4 +[cURL multiprotocol file transfer library](http://curl.haxx.se/) | cURL v7.21.4 - LibXML2 from: http://xmlsoft.org/ tested with LibXML2 v2.7.7 - Note that LibXML2 v2.7.8 does not build correctly for Windows - Lua Scripting Language from: http://www.lua.org/ tested with Lua v5.1.4 +## Before building - cURL multiprotocol file transfer library from: http://curl.haxx.se/ tested with cURL v7.21.4 - - -BEFORE BUILDING - -The directory where you build software from source ( C:\work in this exmaple) +The directory where you build software from source ( ``C:\work`` in this exmaple) must contain the Apache source you used to build the Apache web serverand the mod_security source Apache source is in C:\work\httpd-2.2.17 in this example. Apache has been installed to C:\Apache2217 in this example. Mod_security source is in C:\work\mod_security in this example. -Download and untar the prerequite library sources: +## Download and untar the prerequisite library sources: Download pcre-8.12.tar.gz from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ untar it into C:\work\ creating C:\work\pcre-8.12 @@ -45,40 +40,52 @@ Download and untar the prerequite library sources: Download curl-7.21.4.tar.gz from http://curl.haxx.se/download.html untar it into C:\work\ creating C:\work\curl-7.21.4 -Setup your build environment: +## Setup your build environment: + +1. The ``PATH`` environment variable must include the Visual Studio variables as set by ``vsvars32.bat`` + +2. The ``PATH`` environment variable must also include the CMAKE ``bin\`` directory - The PATH environment variable must include the Visual Studio variables as set by vsvars32.bat - The PATH environment variable must also include the CMAKE bin\ directory +3. Set an environment variable to the Apache source code directory: - Set an environment variable to the Apache source code directory: +``` + SET HTTPD_BUILD=C:\work\httpd-2.2.17 +``` - SET HTTPD_BUILD=C:\work\httpd-2.2.17 +### Optional: - If OpenSSL and Zlib support were included when you built Apache 2.2, and you want them available to LIBXML2 and CURL +If OpenSSL and zlib support were included when you built Apache 2.2, and you want them available to LibXML2 and cURL - Ensure that cURL and libXML2 can find the OpenSSL and Zlib includes and libraries that Apache was built with. +1. Ensure that cURL and LibXML2 can find the OpenSSL and zlib includes and libraries that Apache was built with. - SET INCLUDE=%INCLUDE%;%HTTPD_BUILD%\srclib\openssl\inc32;%HTTPD_BUILD%\srclib\zlib - SET LIB=%LIB%;%HTTPD_BUILD%\srclib\openssl\out32dll;%HTTPD_BUILD%\srclib\zlib +``` + SET INCLUDE=%INCLUDE%;%HTTPD_BUILD%\srclib\openssl\inc32;%HTTPD_BUILD%\srclib\zlib + SET LIB=%LIB%;%HTTPD_BUILD%\srclib\openssl\out32dll;%HTTPD_BUILD%\srclib\zlib +``` - Ensure that cURL and libXML2 don't use the static zlib library: zlib.lib. - Force cURL and libXML2 to use zdll.lib instead, requiring zlib1.dll at runtime: +2. Ensure that cURL and libXML2 don't use the static zlib library: ``zlib.lib``. Force cURL and libXML2 to use ``zdll.lib`` instead, requiring ``zlib1.dll`` at runtime: - IF EXIST %HTTPD_BUILD%\srclib\zlib\zlib.lib DEL %HTTPD_BUILD%\srclib\zlib\zlib.lib +``` + IF EXIST %HTTPD_BUILD%\srclib\zlib\zlib.lib DEL %HTTPD_BUILD%\srclib\zlib\zlib.lib +``` -BUILD PCRE-8.12 +## Build + +### PCRE-8.12 CD C:\work\pcre-8.12 CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True NMAKE -BUILD LIBXML2-2.7.7 (note: the more recent version: 2.7.8 does not build correctly on Windows) +### LibXML2-2.7.7 + +Note: the more recent version: 2.7.8 does not build correctly on Windows) CD C:\work\libxml2-2.7.7\win32 CSCRIPT configure.js iconv=no vcmanifest=yes zlib=yes NMAKE -f Makefile.msvc -BUILD LUA-5.1.4 +### Lua-5.1.4 CD C:\work\lua-5.1.4\src CL /Ox /arch:SSE2 /GF /GL /Gy /FD /EHsc /MD /Zi /TC /wd4005 /D "_MBCS" /D "LUA_CORE" /D "LUA_BUILD_AS_DLL" /D "_CRT_SECURE_NO_WARNINGS" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_WIN32" /D "_WINDLL" /c *.c @@ -86,34 +93,34 @@ BUILD LUA-5.1.4 LINK /DLL /LTCG /DEBUG /OUT:lua5.1.dll *.obj IF EXIST lua5.1.dll.manifest MT -manifest lua5.1.dll.manifest -outputresource:lua5.1.dll;2 -BUILD CURL-7.21.4 +### cURL-7.21.4 CD C:\work\curl-7.21.4 CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True -DCURL_ZLIB=True NMAKE -BUILD MOD_SECURITY-2.6 +### ModSecurity-2.6 CD C:\work\mod_security\apache2 NMAKE -f Makefile.win APACHE=C:\Apache2217 PCRE=C:\work\pcre-8.12 LIBXML2=C:\work\libxml2-2.7.7 LUA=C:\work\lua-5.1.4\src -INSTALL MOD_SECURITY AND RUN APACHE +## Install ModSecurity and run Apache + +Copy these five files to ``C:\Apache2217\bin``: -Copy these five files to C:\Apache2217\bin: C:\work\pcre-8.12\pcre.dll C:\Apache2217\bin\ C:\work\lua-5.1.4\src\lua5.1.dll C:\Apache2217\bin\ C:\work\libxml2-2.7.7\win32\bin.msvc\libxml2.dll C:\Apache2217\bin\ C:\work\curl-7.21.4\libcurl.dll C:\Apache2217\bin\ C:\work\mod_security\apache2\mlogc-src\mlogc.exe -Copy this one file to C:\Apache2217\modules: +Copy this one file to ``C:\Apache2217\modules``: C:\work\mod_security\apache2\mod_security2.so -You may also copy C:\work\curl-7.21.4\curl.exe to C:\Apache2217\bin, if you want to use the cURL command-line program. +You may also copy ``C:\work\curl-7.21.4\curl.exe`` to ``C:\Apache2217\bin``, if you want to use the cURL command-line program. -Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ -and unzip them into C:\Apache2217\conf\modsecurity_crs +Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ and unzip them into ``C:\Apache2217\conf\modsecurity_crs`` Add configuration directives to your Apache conf\httpd.conf: @@ -134,11 +141,9 @@ Add configuration directives to your Apache conf\httpd.conf: SecAuditLog logs/modsecurity.log +## Optional: Build and configure the ModSecurity-2.x MLOGC piped-logging program -============================================================================================== -OPTIONAL: BUILD AND CONFIGURE THE MOD_SECURITY-2.6 MLOGC piped-logging program - -Edit the top of C:\work\mod_security\apache2\mlogc-src\Makefile.win and set your local paths +Edit the top of ``C:\work\mod_security\apache2\mlogc-src\Makefile.win`` and set your local paths # Path to Apache httpd installation BASE = C:\Apache2217 @@ -154,19 +159,19 @@ Edit the top of C:\work\mod_security\apache2\mlogc-src\Makefile.win and set your $(CURL)\libcurl_imp.lib \ wsock32.lib -Build the mlogc.exe program: +Build the ``mlogc.exe`` program: CD C:\work\mod_security_trunk\mlogc NMAKE -f Makefile.win -Copy mlocg.exe to C:\Apache2217\bin\ +Copy ``mlocg.exe`` to ``C:\Apache2217\bin\`` -Create a new command file C:\Apache2217\bin\mlogc.bat with one line: +Create a new command file ``C:\Apache2217\bin\mlogc.bat`` with one line: C:\Apache2217\bin\mlogc.exe C:\Apache2217\conf\mlogc.conf -Create a new configuration file C:\Apache2217\conf\mlogc.conf to control the piped-logging program mlogc.exe. -Here is an example conf\mlogc.conf: +Create a new configuration file ``C:\Apache2217\conf\mlogc.conf`` to control the piped-logging program ``mlogc.exe``. +Here is an example ``conf\mlogc.conf``: CollectorRoot "C:/Apache2217/logs" ConsoleURI "https://localhost:8888/rpc/auditLogReceiver" @@ -186,7 +191,6 @@ Here is an example conf\mlogc.conf: CheckpointInterval 15 ServerErrorTimeout 60 -Change the SecAuditLog directive in conf\httpd.conf to pipe the log data to mlogc -instead of writing them to a file: +Change the SecAuditLog directive in ``conf\httpd.conf`` to pipe the log data to mlogc instead of writing them to a file: SecAuditLog |C:/Apache2217/bin/mlogc.bat From 7c43a27b319ffa565d00b2f9d7f1537447b7469e Mon Sep 17 00:00:00 2001 From: Yang Luo Date: Thu, 23 Aug 2018 09:56:16 +0800 Subject: [PATCH 2/2] Update the dependencies in README for Windows based on refactory of 2.9.2 release. --- README_WINDOWS.md | 94 +++++++++++++++++++++++------------------------ 1 file changed, 46 insertions(+), 48 deletions(-) diff --git a/README_WINDOWS.md b/README_WINDOWS.md index 30ee2e97f1..dcb7e0db3a 100644 --- a/README_WINDOWS.md +++ b/README_WINDOWS.md @@ -8,13 +8,13 @@ by Tom Donovam, 4/2/2011 Dependency | Tested with | Note ----|------|---- -Microsoft Visual Studio C++ | Visual Studio 2008 (aka VC9) | -[CMake build system](http://www.cmake.org/) | CMake v2.8.0 | -[Apache 2.2.x](http://httpd.apache.org/) | Apache 2.2.17 | Apache must be built from source using the same Visual Studio compiler as mod_security. -[PCRE, Perl Compatible Regular Expression library](http://www.pcre.org/) | PCRE v8.12 -[LibXML2](http://xmlsoft.org/) | LibXML2 v2.7.7 | Note that LibXML2 v2.7.8 does not build correctly for Windows -[Lua Scripting Language](http://www.lua.org/) | Lua v5.1.4 -[cURL multiprotocol file transfer library](http://curl.haxx.se/) | cURL v7.21.4 +Microsoft Visual Studio C++ | Visual Studio 2013 (aka VC12) | +[CMake build system](http://www.cmake.org/) | CMake v3.8.2 | +[Apache 2.4.x](http://httpd.apache.org/) | Apache 2.4.27 | Apache must be built from source using the same Visual Studio compiler as mod_security. +[PCRE, Perl Compatible Regular Expression library](http://www.pcre.org/) | PCRE v8.40 +[LibXML2](http://xmlsoft.org/) | LibXML2 v2.9.4 | +[Lua Scripting Language](http://www.lua.org/) | Lua v5.3.4 +[cURL multiprotocol file transfer library](http://curl.haxx.se/) | cURL v7.54.0 ## Before building @@ -22,23 +22,23 @@ Microsoft Visual Studio C++ | Visual Studio 2008 (aka VC9) | The directory where you build software from source ( ``C:\work`` in this exmaple) must contain the Apache source you used to build the Apache web serverand the mod_security source - Apache source is in C:\work\httpd-2.2.17 in this example. - Apache has been installed to C:\Apache2217 in this example. + Apache source is in C:\work\httpd-2.4.27 in this example. + Apache has been installed to C:\Apache2427 in this example. Mod_security source is in C:\work\mod_security in this example. ## Download and untar the prerequisite library sources: - Download pcre-8.12.tar.gz from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ - untar it into C:\work\ creating C:\work\pcre-8.12 + Download pcre-8.40.tar.gz from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ + untar it into C:\work\ creating C:\work\pcre-8.40 - Download libxml2-2.7.7.tar.gz from ftp://xmlsoft.org/libxml2/ - untar it into C:\work\ creating C:\work\libxml2-2.7.7 + Download libxml2-2.9.4.tar.gz from ftp://xmlsoft.org/libxml2/ + untar it into C:\work\ creating C:\work\libxml2-2.9.4 - Download lua-5.1.4.tar.gz from http://www.lua.org/ftp/ - untar it into C:\work\ creating C:\work\lua-5.1.4 + Download lua-5.3.4.tar.gz from http://www.lua.org/ftp/ + untar it into C:\work\ creating C:\work\lua-5.3.4 - Download curl-7.21.4.tar.gz from http://curl.haxx.se/download.html - untar it into C:\work\ creating C:\work\curl-7.21.4 + Download curl-7.54.0.tar.gz from http://curl.haxx.se/download.html + untar it into C:\work\ creating C:\work\curl-7.54.0 ## Setup your build environment: @@ -49,12 +49,12 @@ must contain the Apache source you used to build the Apache web serverand the mo 3. Set an environment variable to the Apache source code directory: ``` - SET HTTPD_BUILD=C:\work\httpd-2.2.17 + SET HTTPD_BUILD=C:\work\httpd-2.4.27 ``` ### Optional: -If OpenSSL and zlib support were included when you built Apache 2.2, and you want them available to LibXML2 and cURL +If OpenSSL and zlib support were included when you built Apache 2.4, and you want them available to LibXML2 and cURL 1. Ensure that cURL and LibXML2 can find the OpenSSL and zlib includes and libraries that Apache was built with. @@ -71,56 +71,54 @@ If OpenSSL and zlib support were included when you built Apache 2.2, and you wan ## Build -### PCRE-8.12 +### PCRE-8.40 - CD C:\work\pcre-8.12 + CD C:\work\pcre-8.40 CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True NMAKE -### LibXML2-2.7.7 +### LibXML2-2.9.4 -Note: the more recent version: 2.7.8 does not build correctly on Windows) - - CD C:\work\libxml2-2.7.7\win32 + CD C:\work\libxml2-2.9.4\win32 CSCRIPT configure.js iconv=no vcmanifest=yes zlib=yes NMAKE -f Makefile.msvc -### Lua-5.1.4 +### Lua-5.3.4 - CD C:\work\lua-5.1.4\src + CD C:\work\lua-5.3.4\src CL /Ox /arch:SSE2 /GF /GL /Gy /FD /EHsc /MD /Zi /TC /wd4005 /D "_MBCS" /D "LUA_CORE" /D "LUA_BUILD_AS_DLL" /D "_CRT_SECURE_NO_WARNINGS" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_WIN32" /D "_WINDLL" /c *.c DEL lua.obj luac.obj LINK /DLL /LTCG /DEBUG /OUT:lua5.1.dll *.obj IF EXIST lua5.1.dll.manifest MT -manifest lua5.1.dll.manifest -outputresource:lua5.1.dll;2 -### cURL-7.21.4 +### cURL-7.54.0 - CD C:\work\curl-7.21.4 + CD C:\work\curl-7.54.0 CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True -DCURL_ZLIB=True NMAKE -### ModSecurity-2.6 +### ModSecurity-2.9.x CD C:\work\mod_security\apache2 - NMAKE -f Makefile.win APACHE=C:\Apache2217 PCRE=C:\work\pcre-8.12 LIBXML2=C:\work\libxml2-2.7.7 LUA=C:\work\lua-5.1.4\src + NMAKE -f Makefile.win APACHE=C:\Apache2427 PCRE=C:\work\pcre-8.40 LIBXML2=C:\work\libxml2-2.9.4 LUA=C:\work\lua-5.3.4\src ## Install ModSecurity and run Apache -Copy these five files to ``C:\Apache2217\bin``: +Copy these five files to ``C:\Apache2427\bin``: - C:\work\pcre-8.12\pcre.dll C:\Apache2217\bin\ - C:\work\lua-5.1.4\src\lua5.1.dll C:\Apache2217\bin\ - C:\work\libxml2-2.7.7\win32\bin.msvc\libxml2.dll C:\Apache2217\bin\ - C:\work\curl-7.21.4\libcurl.dll C:\Apache2217\bin\ + C:\work\pcre-8.40\pcre.dll C:\Apache2427\bin\ + C:\work\lua-5.3.4\src\lua5.1.dll C:\Apache2427\bin\ + C:\work\libxml2-2.9.4\win32\bin.msvc\libxml2.dll C:\Apache2427\bin\ + C:\work\curl-7.54.0\libcurl.dll C:\Apache2427\bin\ C:\work\mod_security\apache2\mlogc-src\mlogc.exe -Copy this one file to ``C:\Apache2217\modules``: +Copy this one file to ``C:\Apache2427\modules``: C:\work\mod_security\apache2\mod_security2.so -You may also copy ``C:\work\curl-7.21.4\curl.exe`` to ``C:\Apache2217\bin``, if you want to use the cURL command-line program. +You may also copy ``C:\work\curl-7.54.0\curl.exe`` to ``C:\Apache2427\bin``, if you want to use the cURL command-line program. -Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ and unzip them into ``C:\Apache2217\conf\modsecurity_crs`` +Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ and unzip them into ``C:\Apache2427\conf\modsecurity_crs`` Add configuration directives to your Apache conf\httpd.conf: @@ -146,11 +144,11 @@ Add configuration directives to your Apache conf\httpd.conf: Edit the top of ``C:\work\mod_security\apache2\mlogc-src\Makefile.win`` and set your local paths # Path to Apache httpd installation - BASE = C:\Apache2217 + BASE = C:\Apache2427 # Paths to required libraries - PCRE = C:\work\pcre-8.12 - CURL = C:\work\curl-7.21.4 + PCRE = C:\work\pcre-8.40 + CURL = C:\work\curl-7.54.0 # Linking libraries LIBS = $(BASE)\lib\libapr-1.lib \ @@ -164,16 +162,16 @@ Build the ``mlogc.exe`` program: CD C:\work\mod_security_trunk\mlogc NMAKE -f Makefile.win -Copy ``mlocg.exe`` to ``C:\Apache2217\bin\`` +Copy ``mlocg.exe`` to ``C:\Apache2427\bin\`` -Create a new command file ``C:\Apache2217\bin\mlogc.bat`` with one line: +Create a new command file ``C:\Apache2427\bin\mlogc.bat`` with one line: - C:\Apache2217\bin\mlogc.exe C:\Apache2217\conf\mlogc.conf + C:\Apache2427\bin\mlogc.exe C:\Apache2427\conf\mlogc.conf -Create a new configuration file ``C:\Apache2217\conf\mlogc.conf`` to control the piped-logging program ``mlogc.exe``. +Create a new configuration file ``C:\Apache2427\conf\mlogc.conf`` to control the piped-logging program ``mlogc.exe``. Here is an example ``conf\mlogc.conf``: - CollectorRoot "C:/Apache2217/logs" + CollectorRoot "C:/Apache2427/logs" ConsoleURI "https://localhost:8888/rpc/auditLogReceiver" SensorUsername "test" SensorPassword "testtest" @@ -193,4 +191,4 @@ Here is an example ``conf\mlogc.conf``: Change the SecAuditLog directive in ``conf\httpd.conf`` to pipe the log data to mlogc instead of writing them to a file: - SecAuditLog |C:/Apache2217/bin/mlogc.bat + SecAuditLog |C:/Apache2427/bin/mlogc.bat