mod_security2 - SecServerSignature problem


Post by gova » 09. June 2009 16:16

I'm using XAMPP 1.7.1 with ModSecurity v2.5.9. All mod_security features work perfectly except SecServerSignature.

I have changed the ServerTokens value from Prod to Full, with ServerSignature Off. According to the documentation, the ServerTokens (banner) should be replaced by the SecServerSignature value, for example:

Code:
SecServerSignature "Microsoft-IIS/5.0"


The problem is that only the first part of the ServerTokens (banner) is being replaced:

Microsoft-IIS/5.0 mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0

It should look like the server banner below:
Microsoft-IIS/5.0

If the SecServerSignature value is longer, "Microsoft-IIS/5.0 ASP.NET", the final banner will also be longer and the last parts will just be shifted:
Microsoft-IIS/5.0 ASP.NET mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0

The same configuration on a few other systems, e.g. Debian with the default apache2 package, works as expected, so I'm pretty sure that this problem is related to XAMPP. I have observed the same problem on versions 1.6.6-1.7.

Any ideas?
gova
 
Posts: 2
Joined: 09. June 2009 15:23

Re: mod_security2 - SecServerSignature problem

Post by gova » 10. June 2009 09:28

FYI

I resolved this problem this morning. The problem is that SecServerSignature is not able to replace the versions of mod_perl and mod_apreq2. The standard server banner is being replaced correctly; however, there is a problem with additional modules. XAMPP loads a lot of unnecessary modules which I don't need at all; once I remove the two modules mentioned above, everything works fine.

I suppose that SecServerSignature is trying to replace only the standard length of the server banner (it's also the reason why we need to change ServerTokens to the Full value); if the server banner does not have the default length, mod_security overwrites only part of the memory allocated by the server for the banner.

It's quite possible that if additional modules which change the server banner are being used, a mod_security code change will be needed, or we have to find out how to use additional modules and leave the length of the server banner as it is.

It's only a kind of workaround, but it's enough for me ;) If I need additional modules I will have to look into it more deeply.
gova
 
Posts: 2
Joined: 09. June 2009 15:23

Re: mod_security2 - SecServerSignature problem

Post by ddeighton » 27. June 2009 06:44

I had the same problem and was able to get it working.

The signature is properly replaced if the configuration file/settings/modules for mod_security are loaded after the config settings for the problem modules.

Try it out and let us know if it also works for you.
ddeighton
 
Posts: 1
Joined: 27. June 2009 06:37
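
A check for the two things reported in this thread, added here as an example and not posted by any participant: whether the banner-changing modules are loaded after mod_security, and which tokens remain in the Server header after the SecServerSignature value. The function names, the LoadModule identifiers and paths, the single-file configuration (Include directives are not followed) and the sample inputs are assumptions constructed for illustration.

```python
import re

# Modules the thread reports as appending tokens to the banner
# (LoadModule identifiers are assumed: perl_module, apreq_module).
BANNER_MODULES = ("perl_module", "apreq_module")
LOADMODULE = re.compile(r"^\s*LoadModule\s+(\S+)\s+\S+", re.IGNORECASE)

def load_order_problems(conf_text):
    """Return banner-changing modules that load after security2_module."""
    order = {}
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = LOADMODULE.match(line)  # commented-out lines do not match
        if m:
            order.setdefault(m.group(1), lineno)
    sec = order.get("security2_module")
    if sec is None:
        raise ValueError("security2_module is not loaded in this config")
    return [mod for mod in BANNER_MODULES if order.get(mod, 0) > sec]

def leaked_tokens(server_header, expected):
    """Return the product tokens left in the Server header after `expected`."""
    if server_header == expected:
        return []
    if server_header.startswith(expected + " "):
        return server_header[len(expected):].split()
    # Signature not applied at all: every token counts as leaked.
    return server_header.split()

# Constructed sample inputs (module paths and file layout are assumptions).
BAD_CONF = """\
LoadModule security2_module modules/mod_security2.so
LoadModule perl_module modules/mod_perl.so
#LoadModule php5_module modules/libphp5.so
LoadModule apreq_module modules/mod_apreq2.so
"""
GOOD_CONF = """\
LoadModule perl_module modules/mod_perl.so
LoadModule apreq_module modules/mod_apreq2.so
LoadModule security2_module modules/mod_security2.so
"""
# Banner as quoted in the first post of the thread.
BANNER = "Microsoft-IIS/5.0 mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0"

if __name__ == "__main__":
    print("loaded after mod_security:", load_order_problems(BAD_CONF))
    print("loaded after mod_security:", load_order_problems(GOOD_CONF))
    print("leaked tokens:", leaked_tokens(BANNER, "Microsoft-IIS/5.0"))
```

To check a live server, pass the value of its Server response header to `leaked_tokens` together with the configured SecServerSignature string.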

