kys4

README.md

@@ -1,6 +1 @@
-# Coisas para leres que sao fixes wowowowowowow !!!!! (Assignment 2)
+kys 
-- Os slides (duh)
-- Okay  o mais importante é os slides.
-
-- [X.509 (ssl.com)](https://www.ssl.com/faqs/what-is-an-x-509-certificate/)
-- [X.509 (youtube)](https://www.youtube.com/watch?v=kAaIYRJoJkc)

SERVER.sh

@@ -25,7 +25,6 @@ instalar nodejs
 instalar epel-release
 instalar httpd
 instalar mod_security
-instalar mod_security_crs
 
 instalar iptables-services
 s stop firewalld
@@ -44,6 +43,9 @@ sudo iptables-save > /etc/sysconfig/iptables
 
 sudo cp conf/httpd.conf /etc/httpd/conf/httpd.conf
 sudo cp conf/modsecurity.conf /etc/httpd/conf/modsecurity.conf
+sudo mkdir -p /var/log/modsecurity/
+sudo rm -f /etc/httpd/conf.d/mod_security.conf
+sudo rm -f /etc/httpd/modsecurity.d/*.conf
 
 # instalar juice-shop se nao existir
 jspath="/var/juice-shop"

conf/modsecurity.conf

@@ -1,11 +1,11 @@
 SecRuleEngine On
 SecRequestBodyAccess On
 SecResponseBodyAccess Off
-#SecDebugLog /var/log/modsecurity/debug.log
+SecDebugLog /var/log/modsecurity/debug.log
 SecDebugLogLevel 0
 SecAuditLogParts ABIJ
 SecAuditLogType Serial
-#SecAuditLog /var/log/modsecurity/audit.log
+SecAuditLog /var/log/modsecurity/audit.log
 
 # SQL Injection protection
 SecRule ARGS "(?i)(union(\s+all)?\s+select|select\s+.*\s+from|insert\s+into|update\s+.*\s+set|delete\s+from|drop\s+table|or\s+1=1|--|#|/\*|\*/|\bexec\b|\bexecute\b)" \