Hi, I'm actually using the modsecurity from this tutorial made by Till. http://www.faqforge.com/category/linux/controlpanels/ispconfig3/ The tutorial works great , and i am very happy with my new implementation. My problem is very simple, and i know how to solve this. https://www.modsecurity.org/tracker/browse/MODSEC-288 As explained on the link, there's a bug with {unique_id} variable, what i need is something like : In file : modsecurity_crs_10_config.conf (main modsecurity config file) SecDefaultAction "phase:2,log,redirect:http://blabla.com/security/hack.php?ip=%{remote_addr}®la=%{rule.msg}&id=%{UNIQUE_ID}" I need UNIQUE_ID to manage a future script to ban bad requests using iptables. But when the redirect happens, no unique_id appears. The bugtracker says that its fixed in 2.7.0, so thats why i need to update. I have already tried a lot of tutorials, and any of them work. Dunno what to do now, i'm a little lost. I Hope someone can help me with this and first of all, thanks for helping.
Okey, i'm now running modsecurity 2 with owasp 2.7.1 Rules. For those who want to protect their servers against WEB attacks on a Debian Squeeze read the following Manuals. First (remember to change the paths in some commands, CHECK IT) https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-Installation_for_Apache Second, download and install (follow INSTALL file inside the .tar) the rule set from https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project Third (Optional) - Bann Attackers with iptables http://spamcleaner.org/en/misc/modsec2ipt.html
