function mod_security()
{
$sock = new sockets();
$users = new usersMenus();
$httpdconf = $GLOBALS["CLASS_UNIX"]->LOCATE_APACHE_CONF_PATH();
$d_path = $GLOBALS["CLASS_UNIX"]->APACHE_DIR_SITES_ENABLED();
$DAEMON_PATH = $GLOBALS["CLASS_UNIX"]->getmodpathfromconf($httpdconf);
$APACHE_MODULES_PATH = $GLOBALS["CLASS_UNIX"]->APACHE_MODULES_PATH();
@unlink("{$DAEMON_PATH}/mods-enabled/mod_security.load");
$free = new freeweb();
if (!$free->mod_security_ifvailable()) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_security2' cannot be added\n";
return;
}
$a[] = "LoadFile /usr/lib/libxml2.so.2";
$a[] = "LoadModule security2_module {$APACHE_MODULES_PATH}/mod_security2.so";
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_security2' enabled\n";
@file_put_contents("{$DAEMON_PATH}/mods-enabled/mod_security.load", @implode("\n", $a));
unset($a);
$u[] = "LoadModule unique_id_module {$APACHE_MODULES_PATH}/mod_unique_id.so\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_unique_id' enabled\n";
@file_put_contents("{$DAEMON_PATH}/mods-enabled/mod_unique_id.load", @implode("\n", $u));
unset($u);
$SecServerSignature = $sock->GET_INFO("SecServerSignature");
$f[] = "<IfModule security2_module>";
$f[] = " SecRuleEngine On";
if ($SecServerSignature != null) {
$f[] = " SecServerSignature\t\"{$SecServerSignature}\"";
}
//$f[]=" #SecFilterCheckURLEncoding {$Params["SecFilterCheckURLEncoding"]}";
//$f[]=" #SecFilterCheckUnicodeEncoding {$Params["SecFilterCheckUnicodeEncoding"]}";
//$f[]=" SecFilterForceByteRange 1 255";
//$f[]=" SecAuditEngine RelevantOnly";
$f[] = " SecAuditEngine RelevantOnly";
$f[] = " SecAuditLog /var/log/apache2/modsec_audit_log";
$f[] = " SecDebugLog /var/log/apache2/modsec_debug_log";
$f[] = " SecDebugLogLevel 0";
$f[] = " SecRequestBodyAccess Off";
$f[] = " SecDefaultAction \"phase:2,deny,log,status:'Hello World!'\"";
$f[] = "</IfModule>\n\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache {$DAEMON_PATH}/mod_security.conf\n";
@file_put_contents("{$DAEMON_PATH}/mod_security.conf", @implode("\n", $f));
unset($f);
if (is_file("{$DAEMON_PATH}/mod_security.conf")) {
@unlink("{$DAEMON_PATH}/BackupConf/mod_security.conf");
@copy("{$DAEMON_PATH}/ports.conf", "{$DAEMON_PATH}/BackupConf/mod_security.conf");
$GLOBALS["ToRestore"][] = "{$DAEMON_PATH}/BackupConf/mod_security.conf";
}
}
