17 April 2014                                     Apache Lounge Distribution

                    mod_security-2.8.0 build with libxml2-2.9.1 lua-5.1.5 pcre-8.34 yajl-2.1.0 for Apache 2.2.x Win32 VC10

# Original source by: Ivan Ristic <ivanr@webkreator.com>
# Original Home: http://www.modsecurity.org/
# Win32 binary by: Steffen
# Mail: info@apachelounge.com
# Home: http://www.apachelounge.com/


Build with Visual Studio 2010 SP1 (VC10) x86
---------------------------------------------

Be sure you have installed the Visual C++ 2010 SP1 Redistributable Package x86,
download and install, if you not have it already, from:

  http://www.microsoft.com/download/en/details.aspx?id=8328



# Notes:

- Lua is build inline, no need to have lua5.1.dll


# Install:

- Copy mod_security2.so to the apache /modules folder

- Copy libxml2.dll, pcre.dll and yajl.dll to the apache /bin folder


# Add to your httpd.conf:

- LoadModule security2_module modules/mod_security2.so

- Enable the module unique_id by uncommenting:

  LoadModule unique_id_module modules/mod_unique_id.so


# Configuration: see the included documentation

# Rules at: http://www.modsecurity.org/

# A very quick start:

SecRuleEngine On
SecDefaultAction "deny,phase:2,status:403"

## -- rule --


SecRule ARGS "\.\./" "t:normalizePathWin,id:50904,severity:4,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:lowercase,msg:'Drive Access'" 


Call your site with: 

http://www.xxxx.com/?abc=../../ 

You should get a access denied and is logged in the Apache error.log, it is triggered by the above rule

Enjoy,


Steffen