Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:config:mod_security_faq [2018/11/27 20:51] Jackson Zhang [LSWS doesn't support "LocationMatch" directive] |
litespeed_wiki:config:mod_security_faq [2019/06/06 15:41] qtwrk [Does LSWS Support "@inspectFile" ?] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Mod Security FAQ for LiteSpeed Web Server ====== | ====== Mod Security FAQ for LiteSpeed Web Server ====== | ||
+ | |||
+ | ===== Does LSWS Support "@inspectFile" ? ===== | ||
+ | |||
+ | Yes, but please make sure when using @inspectFile with a 3rd-party scanner, that the script returns ''0'' for block , and ''1'' for continue/pass. | ||
+ | |||
+ | Example code from the [[https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#inspectfile|mod_security reference manual]]: | ||
+ | |||
+ | <code> | ||
+ | $output = "0 Unable to parse clamscan output [$1]"; | ||
+ | |||
+ | if ($error_message =~ m/: Empty file\.?$/) { | ||
+ | $output = "1 empty file"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: (.+) ERROR$/) { | ||
+ | $output = "0 clamscan: $1"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: (.+) FOUND$/) { | ||
+ | $output = "0 clamscan: $1"; | ||
+ | } | ||
+ | elsif ($error_message =~ m/: OK$/) { | ||
+ | $output = "1 clamscan: OK"; | ||
+ | } | ||
+ | print "$output\n"; | ||
+ | </code> | ||
===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ||
Line 46: | Line 70: | ||
The above error messages simply mean the given variables are not supported by LSWS yet. The errors can simply be ignored. We periodically review our mod_security engine and frequently add new support. Stay tuned. | The above error messages simply mean the given variables are not supported by LSWS yet. The errors can simply be ignored. We periodically review our mod_security engine and frequently add new support. Stay tuned. | ||
- | ===== You should not place 'SecDebugLogLevel' inside "LocationMatch" context ===== | + | ===== Does LSWS Support the "LocationMatch" directive? ===== |
- | When you use 'SecDebugLogLevel', 'SecAuditLogParts' or 'SecAuditLog' within "LocationMatch" directive, you may see the following error on LSWS: | + | When you use ''SecDebugLogLevel'', ''SecAuditLogParts'' or ''SecAuditLog'' within the ''LocationMatch'' directive, you may see the following errors on LSWS: |
Directive 'SecDebugLogLevel' is not allowed in current context. | Directive 'SecDebugLogLevel' is not allowed in current context. | ||
Directive 'SecAuditLogParts' is not allowed in current context. | Directive 'SecAuditLogParts' is not allowed in current context. | ||
Directive 'SecAuditLog' is not allowed in current context. | Directive 'SecAuditLog' is not allowed in current context. | ||
- | LSWS does support "LocationMatch" context but doesn't allow those three directives configured in it. Audit log is only set at server level, while debug log level can be set at vhost level. We have no plan to make it available at matching context level, which will be counterproductive to the optimization applied to the engine. | + | LiteSpeed Web Server //does// support the ''LocationMatch'' context, however the above three directives may not be configured within it. On LSWS, audit log can only be set at the server level, and the debug log level can be set at vhost level. We have no plans to make these directives available at the matching context level, as it would be counterproductive to the optimization applied to the engine. |