Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:config:mod_security_faq [2018/11/27 21:22] Lisa Clarke [You should not place 'SecDebugLogLevel' inside "LocationMatch" context] Proofreading |
litespeed_wiki:config:mod_security_faq [2019/06/06 15:41] (current) qtwrk [Does LSWS Support "@inspectFile" ?] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Mod Security FAQ for LiteSpeed Web Server ====== | ====== Mod Security FAQ for LiteSpeed Web Server ====== | ||
| + | |||
| + | ===== Does LSWS Support "@inspectFile" ? ===== | ||
| + | |||
| + | Yes, but please make sure when using @inspectFile with a 3rd-party scanner, that the script returns ''0'' for block , and ''1'' for continue/pass. | ||
| + | |||
| + | Example code from the [[https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#inspectfile|mod_security reference manual]]: | ||
| + | |||
| + | <code> | ||
| + | $output = "0 Unable to parse clamscan output [$1]"; | ||
| + | |||
| + | if ($error_message =~ m/: Empty file\.?$/) { | ||
| + | $output = "1 empty file"; | ||
| + | } | ||
| + | elsif ($error_message =~ m/: (.+) ERROR$/) { | ||
| + | $output = "0 clamscan: $1"; | ||
| + | } | ||
| + | elsif ($error_message =~ m/: (.+) FOUND$/) { | ||
| + | $output = "0 clamscan: $1"; | ||
| + | } | ||
| + | elsif ($error_message =~ m/: OK$/) { | ||
| + | $output = "1 clamscan: OK"; | ||
| + | } | ||
| + | print "$output\n"; | ||
| + | </code> | ||
| ===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ===== Does LSWS Support the "Concurrent" Type of Audit Log? ===== | ||