From 73c5b1c5d5d446f1f8c9988e145f14f81b2e4a80 Mon Sep 17 00:00:00 2001 From: vasco Date: Sun, 31 May 2026 19:47:48 +0100 Subject: [PATCH] kys4 --- README.md | 7 +------ SERVER.sh | 4 +++- conf/modsecurity.conf | 4 ++-- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index d41dd3a..19c515c 100644 --- a/README.md +++ b/README.md @@ -1,6 +1 @@ -# Coisas para leres que sao fixes wowowowowowow !!!!! (Assignment 2) -- Os slides (duh) -- Okay o mais importante é os slides. - -- [X.509 (ssl.com)](https://www.ssl.com/faqs/what-is-an-x-509-certificate/) -- [X.509 (youtube)](https://www.youtube.com/watch?v=kAaIYRJoJkc) +kys diff --git a/SERVER.sh b/SERVER.sh index 6611de0..052e81d 100644 --- a/SERVER.sh +++ b/SERVER.sh @@ -25,7 +25,6 @@ instalar nodejs instalar epel-release instalar httpd instalar mod_security -instalar mod_security_crs instalar iptables-services s stop firewalld @@ -44,6 +43,9 @@ sudo iptables-save > /etc/sysconfig/iptables sudo cp conf/httpd.conf /etc/httpd/conf/httpd.conf sudo cp conf/modsecurity.conf /etc/httpd/conf/modsecurity.conf +sudo mkdir -p /var/log/modsecurity/ +sudo rm -f /etc/httpd/conf.d/mod_security.conf +sudo rm -f /etc/httpd/modsecurity.d/*.conf # instalar juice-shop se nao existir jspath="/var/juice-shop" diff --git a/conf/modsecurity.conf b/conf/modsecurity.conf index 9e557c1..1f03316 100644 --- a/conf/modsecurity.conf +++ b/conf/modsecurity.conf @@ -1,11 +1,11 @@ SecRuleEngine On SecRequestBodyAccess On SecResponseBodyAccess Off -#SecDebugLog /var/log/modsecurity/debug.log +SecDebugLog /var/log/modsecurity/debug.log SecDebugLogLevel 0 SecAuditLogParts ABIJ SecAuditLogType Serial -#SecAuditLog /var/log/modsecurity/audit.log +SecAuditLog /var/log/modsecurity/audit.log # SQL Injection protection SecRule ARGS "(?i)(union(\s+all)?\s+select|select\s+.*\s+from|insert\s+into|update\s+.*\s+set|delete\s+from|drop\s+table|or\s+1=1|--|#|/\*|\*/|\bexec\b|\bexecute\b)" \