function mod_security() { $sock = new sockets(); $users = new usersMenus(); $httpdconf = $GLOBALS["CLASS_UNIX"]->LOCATE_APACHE_CONF_PATH(); $d_path = $GLOBALS["CLASS_UNIX"]->APACHE_DIR_SITES_ENABLED(); $DAEMON_PATH = $GLOBALS["CLASS_UNIX"]->getmodpathfromconf($httpdconf); $APACHE_MODULES_PATH = $GLOBALS["CLASS_UNIX"]->APACHE_MODULES_PATH(); @unlink("{$DAEMON_PATH}/mods-enabled/mod_security.load"); $free = new freeweb(); if (!$free->mod_security_ifvailable()) { echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_security2' cannot be added\n"; return; } $a[] = "LoadFile /usr/lib/libxml2.so.2"; $a[] = "LoadModule security2_module {$APACHE_MODULES_PATH}/mod_security2.so"; echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_security2' enabled\n"; @file_put_contents("{$DAEMON_PATH}/mods-enabled/mod_security.load", @implode("\n", $a)); unset($a); $u[] = "LoadModule unique_id_module {$APACHE_MODULES_PATH}/mod_unique_id.so\n"; echo "Starting......: " . date("H:i:s") . " [INIT]: Apache module 'mod_unique_id' enabled\n"; @file_put_contents("{$DAEMON_PATH}/mods-enabled/mod_unique_id.load", @implode("\n", $u)); unset($u); $SecServerSignature = $sock->GET_INFO("SecServerSignature"); $f[] = "<IfModule security2_module>"; $f[] = " SecRuleEngine On"; if ($SecServerSignature != null) { $f[] = " SecServerSignature\t\"{$SecServerSignature}\""; } //$f[]=" #SecFilterCheckURLEncoding {$Params["SecFilterCheckURLEncoding"]}"; //$f[]=" #SecFilterCheckUnicodeEncoding {$Params["SecFilterCheckUnicodeEncoding"]}"; //$f[]=" SecFilterForceByteRange 1 255"; //$f[]=" SecAuditEngine RelevantOnly"; $f[] = " SecAuditEngine RelevantOnly"; $f[] = " SecAuditLog /var/log/apache2/modsec_audit_log"; $f[] = " SecDebugLog /var/log/apache2/modsec_debug_log"; $f[] = " SecDebugLogLevel 0"; $f[] = " SecRequestBodyAccess Off"; $f[] = " SecDefaultAction \"phase:2,deny,log,status:'Hello World!'\""; $f[] = "</IfModule>\n\n"; echo "Starting......: " . date("H:i:s") . " [INIT]: Apache {$DAEMON_PATH}/mod_security.conf\n"; @file_put_contents("{$DAEMON_PATH}/mod_security.conf", @implode("\n", $f)); unset($f); if (is_file("{$DAEMON_PATH}/mod_security.conf")) { @unlink("{$DAEMON_PATH}/BackupConf/mod_security.conf"); @copy("{$DAEMON_PATH}/ports.conf", "{$DAEMON_PATH}/BackupConf/mod_security.conf"); $GLOBALS["ToRestore"][] = "{$DAEMON_PATH}/BackupConf/mod_security.conf"; } }