Jul 122012
 

Hello, last night i tried to install mod_security on a debian squeeze server, at first i thought that it would be an easy task but i was wrong, it turned out quite tricky to get it running the main reason was that debian has version 2.5.12-1 at its repository which it is not support the latest Core Rule Set so if you too are seeing this error:

Syntax error on line 91 of /etc/apache2/modsecurity_crs/activated_rules/modsecurity_crs_20_protocol_violations.conf:
Error creating rule: Unknown variable: REQBODY_ERROR
Action 'configtest' failed.
The Apache error log may have more information.
 failed!

You are lucky,there is a bugfix, go to the mentioned line of apache’s error and change

REQBODY_ERROR

with

REQBODY_PROCESSOR_ERROR

solution was given here https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2011-May/000779.html

if you are not feeling well with this for whatever reason, you can always use the outdated CRS that it comes with the package from the debian repository and it is located at /usr/share/doc/mod-security-common/examples/rules

root@debian ~ # ls -la /usr/share/doc/mod-security-common/examples/rules
total 92K
drwxr-xr-x 5 root root 4.0K Jul 11 23:27 .
drwxr-xr-x 3 root root 4.0K Jul 11 23:27 ..
drwxr-xr-x 2 root root 4.0K Jul 11 23:27 base_rules
-rw-r--r-- 1 root root  22K Feb  5  2010 CHANGELOG
-rw-r--r-- 1 root root  18K Jul 31  2009 LICENSE
-rw-r--r-- 1 root root 6.6K Feb  5  2010 modsecurity_crs_10_config.conf
drwxr-xr-x 2 root root 4.0K Jul 11 23:27 optional_rules
-rw-r--r-- 1 root root  17K Feb  5  2010 README
drwxr-xr-x 2 root root 4.0K Jul 11 23:27 util

Hope this helps somebody to avoid much time going from site to site

Jul 122012
 

This is a simple function to get remote user’s IP address using Flask’s request_object. It is very simple and takes a lot of tweaks, like reading also the X-Forwarded-For field from received header for users who use proxies.

dependencies:

from flask import request

function:

def get_ip():
  # get creative here!
  return request.remote_addr
Jul 112012
 

I have published a small script that tells you your IP, it is useful for scripting purposes you can check it out
here