forked from schubergphilis/mod_security
-
Notifications
You must be signed in to change notification settings - Fork 0
/
metadata.json
37 lines (37 loc) · 4.09 KB
/
metadata.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
{
"dependencies": {
"build-essential": ">= 0.0.0",
"apache2": ">= 0.0.0"
},
"name": "mod_security",
"maintainer_email": "[email protected]",
"attributes": {
},
"license": "Apache 2.0",
"suggestions": {
},
"platforms": {
"scientific": ">= 0.0.0",
"debian": ">= 0.0.0",
"fedora": ">= 0.0.0",
"centos": ">= 0.0.0",
"ubuntu": ">= 0.0.0",
"redhat": ">= 0.0.0"
},
"maintainer": "HoneyApps Inc.",
"long_description": "Description\n===========\n\nEver wanted a little guardian angel to protect your chef deployed\nservers from the bad guys? Like a bad-ass Jiminy Cricket on your\nshoulder? \n\nThis package is to make deployment and testing of mod_security easier\nwith chef. Right now it centers entirely around the OWASP Core Rule\nSets of mod_security rules. In future, it will allow you to manage/deploy\ncustom rule/rulesets of your own.\n\nThere are 2 main use cases right now:\n\n## Install on a real production server\n\n* Adjust the attributes to your liking and install the default\n recipe. \n \n## Find out what ModSecurity could do for your site in less than\n 15-minutes.\n \n* Setup a base chef recipe for a server. Ubuntu 10.04 on Rackspace\n Cloud is pretty easy (and what I've tested with)\n* Set it to install the default recipe\n* Create a cookbook to reverse proxy to your real server sorta like\n this:\n<pre> \nmod_secure_proxy \"my_site\" do\n server_name \"www.mysite.com\"\n enable_https true # if you want to proxy https too\nend\n</pre>\n* Set your local /etc/hosts (or equiv.) file to have that server's IP\n look like your site\n* Test to your heart's content.\n* Look at /var/log/modsec.log and see what you could be blocking\n* Change the \"DetectOnly\" attribute to \"On\" and test some more\n\nRequirements\n============\n\n## Cookbooks\n\nThis cookbook depends on apache2 and build-essential\n\n## Platforms\n\n### Supported\n* Ubuntu (tested on 10.04)\n* Debian\n* RedHat\n* CentOS (tested on 5.6)\n* Fedora\n* Scientific?\n\n### Coming Soon\n* Arch (anything else that apache2 supports)\n\nAttributes\n==========\n\nMajor ones will be documented soon. For right now check the\nattributes file. A few suggestions\n\n* Compile from source. I normally prefer not to do this, but some\n core rules break if you don't\n* The core rules are in the cookbook because old version seem to\n disappear from sourceforge, and that sucks if you're maintaining a\n large deployment. \n* Base rules should generally be safe. the other groups much less\n so. There are some rules with inconsistently named data files that\n will need to be fixed.\n \nRecipes\n=======\n\ndefault\n-------\nThis installs base and the OWASP core rule set currently.\n\ninstall_base\n------------\n\ninstall_owasp_core_rule_set\n---------------------------\n\nChanges\n=======\n\n* 0.0.6 \n * version bump to fix packaging issue\n* 0.0.5\n * add server alias support for mod_secure_proxy definition\n * test and fix data file loading issues in main,srl, and optional rulesets\n * identify experimental rulesets that don't work in our environment yet\n* 0.0.3/0.0.4\n * add RedHat-based distro support\n* 0.0.2 \n * upgrade to mod_security 2.6.2\n * flesh out main config options as chef attributes\n* 0.0.1 First release\n\nLicense and Authors\n===================\n\nAuthor:: Jason Rohwedder <[email protected]>\n\nCopyright:: 2011, HoneyApps, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n\n",
"version": "0.0.6",
"recommendations": {
},
"recipes": {
},
"groupings": {
},
"conflicting": {
},
"replacing": {
},
"description": "Installs mod_security for Apache2",
"providing": {
}
}