logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Third-party Modules View previous topic :: View next topic
Reply to topic   Topic: ModSecurity 2.7.0-rc2 available
Author
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Fri 22 Jun '12 22:08    Post subject: ModSecurity 2.7.0-rc2 available Reply with quote

ModSecurity 2.7.0-rc2 now available. Spend quite some time with the author(Breno) to get it build and working on Windows. Running now for week, no issues seen.

Version 2.7.0 has some nice new features, see change log below and http://www.modsecurity.org/ .

Note: 2.7.0 is more strict, for example the change:
* Added Rules must have ID action and must be numeric.
So when you get "no action id" and/or "the same action id", adjust your rules.

Attention for the free book, see http://www.apachelounge.com/viewtopic.php?t=4757

Steffen


Code:
22 Jun 2012 - 2.7.0-rc2
-----------------------

 * Fixed compilation errors and warnings under Windows platform.

 * Fixed SecEncryptionKey was not working as expected.

08 Jun 2012 - 2.7.0-rc1
-----------------------

 * Added SecEncryptionEngine. Initial crypt engine support, at the momment it will sign some Html
   and Response Header options.

 * Added SecEncryptionKey to define the a rand or static key for crypt engine.

 * Added SecEncryptionParam to define the new parameter name.

 * Added SecEncryptionMethodRx used with a regular expression to inspect the html in response
   body/header and decide what to protect.

 * Added SecEncryptionMethodPm used with multiple or single strings to inspect the html in response
   body/header and decide what to protect.

 * Added ctl encryptionEngine as a per transaction version of SecEncryptionEgine diretive.

 * Added ctl encryptionEnforcement that will allow the engine to sign the data but the enforcement is
   disabled.

 * Added validateEncryption operator to enforce the signed elements.

 * Added rsub operator supports the syntax |hex| allowing users to use special chars like \n \r.

 * Added SecRuleUpdateTargetById now supports id range.

 * Added SecRuleUpdateTargetByMsg and its ctl version (Thanks Scott Gifford).

 * Added SecRuleUpdateTargetByTag and its ctl version (Thanks Scott Gifford).

 * Added SecRulePerfTime when greater than zero it will fill rule id's execution time into PERF_RULE
   and log id=usec information in the new Perf-rule-info: line in part H.

 * Added PERF_RULES variable that contains rule execution time.

 * Added Engine-mode: section in part H.

 * Added ruleRemoveByMsg ctl version.

 * Added removeCommentsChar and removeComments now can work with <!-- --> style.

 * Added SecArgumentSeparator and SecCookieFormat can be used in different scope locations.

 * Added Rules must have ID action and must be numeric.

 * Added The use of tfns are deprecated in SecDefaultAction. Should be forbid in the future.

 * Added Macro expansion support to the action pause.

 * Added IpmatchFromFile/IpmatchF operator.

 * Added New setrsc action, the RESOURCE collection used SecWebAppId Name Space

 * Added Configure option --enable-cache-lua that allows reuse of Lua VM per transaction.
   It will only take any effect when ModSecurity has multiple scripts to run per transaction.

 * Added Configure option --enable-pcre-jit that allows ModSecurity regex engine to use PCRE Jit support.

 * Added Configure option --enable-request-early that allows ModSecurity run phase 1 in post_read_request hook.

 * Added RBL operator now support the httpBl api (http://www.projecthoneypot.org/httpbl_api.php).

 * Added SecHttpBlKey to be used with httpBl api.

 * Added SecSensorId will specify the modsecurity sensor name into audit log part H.

 * Added aliases to phase:2 (phase:request), phase:4 (phase:response) and phase:5 (phase:logging).

 * Added USERAGENT_IP variable. Created when Apache24 is used with mod_remoteip to know the real
   client ip address.

 ^ Added new rule metadata actions ver, maturity and accuracy. Also included into RULE collection.

 * Updated Reference manual into doc/ directory.

 * Fixed Variable DURATION contains the elapsed time in microseconds for compatible reasons with apache and
   other variables.

 * Fixed Preserve names/identity of the variables going into MATCHED_VARS.

 * Fixed Redirect macro expansion does not work in SecDefaultAction when SecRule uses block action.

 * Fixed rsub operator does not work as expect if regex contains parentheses (Thanks Jerome Freilinger).

 * Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow
   anymore the malware database for download.

 * Fixed a multipart bypass issue related to quote parsing
   Credits to  Qualys Vulnerability & Malware Research Labs (VMRL).
Back to top
maskego



Joined: 16 Apr 2010
Posts: 238

PostPosted: Sun 24 Jun '12 0:30    Post subject: Reply with quote

Thanks for this compilation.
When will the mod_security 2.7.0 stable release? Smile
Back to top
maskego



Joined: 16 Apr 2010
Posts: 238

PostPosted: Tue 11 Sep '12 9:26    Post subject: Reply with quote

The modsecurity-apache_2.7.0-rc3 is released at modsecurity site http://www.modsecurity.org/ Smile
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 692

PostPosted: Tue 11 Sep '12 11:20    Post subject: Reply with quote

Coming soon.
Back to top


Reply to topic   Topic: ModSecurity 2.7.0-rc2 available View previous topic :: View next topic
Post new topic   Forum Index -> Third-party Modules