diff options
authorMichael Orlitzky <>2017-05-07 21:43:42 -0400
committerMichael Orlitzky <>2017-05-07 21:43:59 -0400
commit15381ae65d3f18a94bc800fa5d049c83f533043e (patch)
tree7b9b83d52d8b25924ee16c66e5013a06e30c72fd /www-apache/mod_security/files
parentdev-db/mysql: Drop security vulnerable versions for the 5.5 series (diff)
www-apache/mod_security: new version 2.9.1 to fix some bugs.
There are a few important changes in this version. First, there is a new USE flag "mlogc" for the audit log collector. USE=curl was too confusing. Oh, and it actually installs the log collector files now. Next, I've moved the SecDataDir under /var/lib to eliminate a QA warning. That's a better place for it anyway, because it doesn't hold cached data (we have no way to recreate the stuff if it disappears). I've dropped the code that enables/disables the GeoIP stuff in the configuration file. We don't need to sed our users' configurations based on USE flags: they'll set it to what they want, and we should leave it that way. The flag is still there to pull in the geoip libs. The configuration file is named 79_mod_security.conf now, for consistency. There are two completely new flags, USE=json and USE=fuzzyhash to enable new upstream features. Some missing dependencies were added, and the docs are being built with doxygen for now. The following users submitted code and/or suggestions that I've used. Thanks guys! * Chris Frederick * Graham E * Leho Kraav * Mario D. Santana Gentoo-Bug: 518828 Gentoo-Bug: 594720 Gentoo-Bug: 605496 Gentoo-Bug: 615294 Package-Manager: Portage-2.3.3, Repoman-2.3.1
Diffstat (limited to 'www-apache/mod_security/files')
1 files changed, 11 insertions, 0 deletions
diff --git a/www-apache/mod_security/files/79_mod_security.conf b/www-apache/mod_security/files/79_mod_security.conf
new file mode 100644
index 000000000000..bd88e88a9771
--- /dev/null
+++ b/www-apache/mod_security/files/79_mod_security.conf
@@ -0,0 +1,11 @@
+<IfDefine SECURITY>
+ LoadModule security2_module modules/
+ SecDataDir /var/lib/modsecurity
+ # Enable looking up geolocation data from MaxMind's GeoIP database
+ # SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
+ # Define here your http:BL API key if any
+ # see
+ #SecHttpBlKey xxxxxxxx