Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
tutorial:adm:server_preparation [2020/08/10 07:39]
urbanl [Apache Tomcat configuration] optional tomcat manager 		tutorial:adm:server_preparation [2021/05/04 08:39]
kopro [Disabling mod_security rules] update configuration for certificates
Line 21: Line 21:
 dnf clean all dnf clean all
 dnf -y install epel-release dnf -y install epel-release
-dnf update -y+dnf -y update
  
 # other recommended packages installation # other recommended packages installation
Line 369: Line 369:
  
   * Again, restart the tomcat   * Again, restart the tomcat
 +
 <code bash> <code bash>
 systemctl restart tomcat systemctl restart tomcat
Line 606: Line 607:
         <Location "/idm/api/v1/websocket-info/">         <Location "/idm/api/v1/websocket-info/">
                 SecRuleRemoveById 950100                 SecRuleRemoveById 950100
 +        </Location>
 +
 +        # These break Certificate Authority module
 +        <Location "/idm/api/v1/crt/certificates">
 +                SecRuleRemoveById 960915
 +                SecRuleRemoveById 200003
         </Location>         </Location>
                  
 + # Modsec can throw false positives on some files due to multipart boundary check
 + <Location "/idm/api/v1/attachments/upload">
 + SecRuleRemoveById 960915
 + SecRuleRemoveById 200003
 + </Location>
 +
         # do not log request/response body         # do not log request/response body
-        SecAuditLogParts ABFHZ+        SecAuditLogParts AFHZ
 </IfModule> </IfModule>
 </code> </code>
  • by koulaj