View Full Version : Fedora 10 Apache 2 mod_security problems


j.smith1981
28th October 2009, 11:44 AM
Hi there,

I thought I would attempt at least a run of mod_security.

After adding in the line:

SecChrootDir /www/html

To the bottom before the: '</IfModule>' part.

It seems to come up with the following log errors:

[Wed Oct 28 10:38:11 2009] [notice] caught SIGTERM, shutting down
[Wed Oct 28 10:38:22 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Oct 28 10:38:23 2009] [error] SecServerSignature: original signature too short. Please set ServerTokens to Full.
[Wed Oct 28 10:38:23 2009] [notice] ModSecurity: chroot checkpoint #1 (pid=31072 ppid=31071)
[Wed Oct 28 10:38:23 2009] [notice] ModSecurity for Apache/2.5.9 (http://www.modsecurity.org/) configured.
[Wed Oct 28 10:38:23 2009] [notice] Original server signature: Apache
[Wed Oct 28 10:38:23 2009] [notice] Digest: generating secret for digest authentication ...
[Wed Oct 28 10:38:23 2009] [notice] Digest: done
[Wed Oct 28 10:38:24 2009] [error] SecServerSignature: original signature too short. Please set ServerTokens to Full.
[Wed Oct 28 10:38:24 2009] [notice] ModSecurity: chroot checkpoint #2 (pid=31073 ppid=1)
[Wed Oct 28 10:38:24 2009] [notice] ModSecurity: chroot successful, path=/www/html
[Wed Oct 28 10:38:24 2009] [emerg] (2)No such file or directory: mod_fcgid: Can't create share memory for size %zu byte


Also when I tried accessing the address of my server, it just doesn't come up with anything so I attempted a restart again only it fails to start.

That's the only modification I have done, removing the: 'SecChrootDir' line and restarting seems to work if I do this 3 times though which is at least ok but wanted to see if I could at least jail root apache.

Anyone know what I can do about this?

Any help is greatly appreciated.

Jeremy.

marcrblevins
2nd November 2009, 03:01 AM
You are not supposed to modify httpd.conf for mod_security thingy.
Where are you putting "SecChrootDir /www/html " into?

The mod_security is set to not allow IP addresses in number format. You have to use spelled out web addresses.

j.smith1981
3rd November 2009, 11:30 AM

I am not putting www/html into anything, it's set on an LVM volume.

/www is the folder for the mount point.
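
Added example, not part of any post in this thread: a small triage script for an Apache error_log like the one in the first post. It reports only the severe entries written after the "chroot successful" line and decodes the leading "(errno)" prefix. Treating errno 2 after a chroot as a hint that a module is looking for a path that exists only outside the jail is an assumption of this example, not a diagnosis given in the thread; the function and field names are made up for illustration.

```python
import re

# Sample input: lines copied from the error_log excerpt in the first post.
SAMPLE_LOG = """\
[Wed Oct 28 10:38:23 2009] [error] SecServerSignature: original signature too short. Please set ServerTokens to Full.
[Wed Oct 28 10:38:23 2009] [notice] ModSecurity: chroot checkpoint #1 (pid=31072 ppid=31071)
[Wed Oct 28 10:38:24 2009] [notice] ModSecurity: chroot checkpoint #2 (pid=31073 ppid=1)
[Wed Oct 28 10:38:24 2009] [notice] ModSecurity: chroot successful, path=/www/html
[Wed Oct 28 10:38:24 2009] [emerg] (2)No such file or directory: mod_fcgid: Can't create share memory for size %zu byte
"""

LINE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] (?P<msg>.*)$")
CHROOT_RE = re.compile(r"ModSecurity: chroot successful, path=(?P<path>\S+)")
# Apache prefixes OS errors as "(errno)strerror: message".
ERRNO_RE = re.compile(r"^\((?P<errno>\d+)\)[^:]+: (?P<rest>.*)$")
SEVERE = {"emerg", "alert", "crit", "error"}
ENOENT = 2  # "No such file or directory" on Linux


def post_chroot_failures(log_text):
    """Return (jail_path, findings): severe entries logged after the chroot."""
    jail, findings = None, []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip lines that are not in error_log format
        msg = m.group("msg")
        chroot = CHROOT_RE.search(msg)
        if chroot:
            # A new start-up: only entries after the latest chroot matter.
            jail, findings = chroot.group("path"), []
            continue
        if jail is None or m.group("level") not in SEVERE:
            continue  # pre-chroot noise or low-severity entry
        e = ERRNO_RE.match(msg)
        errno = int(e.group("errno")) if e else None
        findings.append({
            "time": m.group("ts"),
            "level": m.group("level"),
            "errno": errno,
            # Assumption: ENOENT inside a jail suggests a path outside it.
            "check_path_inside_jail": errno == ENOENT,
            "message": e.group("rest") if e else msg,
        })
    return jail, findings


if __name__ == "__main__":
    jail, findings = post_chroot_failures(SAMPLE_LOG)
    for f in findings:
        print(jail, f["level"], f["errno"], f["message"])
```
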