Hey,
I’m a newbie here and facing a couple issue with my droplet. Wanted to harden the security of my Ubuntu droplet but facing some issues. Googled a lot but can’t see any solution of these problems. Any suggestion on how to fix these?
1.) How can I update OWASP modsecurity core rule set? Right now I am using 2.2.4 and the latest version is 2.2.9 (https://github.com/SpiderLabs/owasp-modsecurity-crs)
Job for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.
When I comment the line line --> Include “/etc/modsecurity/activated_rules/*.conf” Apache starts working again.
net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
and reloaded the new rules by “sudo service procps start”
I get the following error after running “sysctl -p”
sysctl: cannot stat /proc/sys/net/ipv4/conf/default/accept_source_route: No such file or directory sysctl: cannot stat /proc/sys/net/ipv6/conf/default/accept_source_route: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses: No such file or directory
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi,
I faced the same isseu with /proc/sys/net/ipv4/conf/default/acceptsourceroute and /proc/sys/net/ipv6/conf/default/acceptsourceroute.
Did you found a solution for it yet?
Regards…