I been working on this ruleset sometime. Not really wring many rules but taking out all the useless stuff from the rules at gotroot, adding a few new ones, and trying to keep it light as possible.
This ruleset will stop most known and some unknown exploits. It also will fire on most php shells executed on your server.
Now, I suppose litespeed will just pick this ruleset up and read it but I usually install mod_security on apache and add it to httpd.conf in the case I had to run apache temporarily it wont error on the config . So compiling mod_security for your apache is recommended. There are tutorials everywhere for that, eth0.us has a good one but dont add anything to httpd.conf yet.
then wget this file to your /etc/httpd/conf directory
http://nix101.com/mod_security.conf
Add a line in your httpd.conf
Include /etc/httpd/conf/mod_security.conf
This shouldn't fire on most popular web apps, check your logs for request blocks and determine if they are legit or false alarm.
This ruleset will stop most known and some unknown exploits. It also will fire on most php shells executed on your server.
Now, I suppose litespeed will just pick this ruleset up and read it but I usually install mod_security on apache and add it to httpd.conf in the case I had to run apache temporarily it wont error on the config . So compiling mod_security for your apache is recommended. There are tutorials everywhere for that, eth0.us has a good one but dont add anything to httpd.conf yet.
then wget this file to your /etc/httpd/conf directory
http://nix101.com/mod_security.conf
Add a line in your httpd.conf
Include /etc/httpd/conf/mod_security.conf
This shouldn't fire on most popular web apps, check your logs for request blocks and determine if they are legit or false alarm.
