Issue
How to check and update ModSecurity and OSSEC rule sets on servers?
Environment
- Imunify360
- OSSEC
- ModSecurity
Solution
ModSecurity.
ModSecurity rule set version can be checked on the following pathes:
- Plesk: /etc/httpd/conf/modsecurity.d/rules/custom/VERSION ("/etc/apache2/modsecurity.d/rules/custom/VERSION" if on Ubuntu)
- DirectAdmin: /usr/local/directadmin/custombuild/custom/modsecurity/conf/VERSION
- cPanel: /etc/apache2/conf.d/modsec_vendor_configs/imunify360-*/VERSION
Instead of imunify360-full-apache, another rule set can be installed, for example, imunify360-full-litespeed.
Rules can be updated with the following command:
imunify360-agent update --force modsec-rules
Don't forget to restart the webserver service after updates will be installed.
OSSEC.
The installed OSSEC rule set can be checked in the directory:
ls -la /var/ossec/etc/VERSIONS/
Rules can be updated with the following command:
imunify360-agent update ossec --force
Comments
0 comments
Please sign in to leave a comment.