Commit Graph

82 Commits

Author SHA1 Message Date
Michael Boelen 9e589806dc
Merge pull request #1154 from sanderu/HTTP-6660
Adding HTTP-6660 test
2024-05-14 08:18:53 +02:00
xnoguer 6f1797fb59 Using grep -E 2023-04-23 17:38:21 -04:00
Rafael Grether 6c5ddb9cc2
Update mod_security module version
Update ModSecurity version. Actual version: 3

Issue #1246
2021-12-16 15:41:18 -03:00
Sander d96628d9b1 Adding HTTP-6660 test 2021-05-14 11:56:48 +00:00
Michael Boelen da1c1eca10
Preparation for release 3.0.3 2021-01-07 15:22:19 +01:00
Stéphane 67d04f2536
Add translate function for all sections
+ add EN and FR up to date languages files
2020-10-22 00:13:42 +02:00
Michael Boelen 38310223a6
Updated date/year 2020-03-20 14:50:25 +01:00
Michael Boelen 09f29a5e64
Code style improvement: quote argument 2019-12-18 12:17:46 +01:00
Michael Boelen 36627a4eb7
Style improvements 2019-09-19 14:05:15 +02:00
Michael Boelen 22a7f4fd6d
Combine multiple unsets into a single command 2019-08-26 08:01:43 +02:00
Michael Boelen fa8bad20db
Use -n instead of ! -z 2019-07-16 13:20:30 +02:00
Michael Boelen c97dc3044a
Use exit code instead of ITEM_FOUND value 2019-07-10 19:35:51 +02:00
Michael Boelen 928023ec6a
[HTTP-6624] improved logging for test 2019-03-19 13:07:12 +01:00
Michael Boelen 08ed748a86
Disable logging of virtual host to report due to length 2019-01-31 14:49:00 +01:00
Michael Boelen 66066ae226
Changed year and preparing for new release 2019-01-31 14:47:35 +01:00
Bernhard R. Fischer c024ce31d8 added path information for correct detection of config files and modules of Apache 2.4 (standard installation from ports tree) on FreeBSD (#562) 2018-07-24 19:08:45 +02:00
BlessJah d7d42d9103 remove non printable characters from code (#470)
Non printable ESC character is required to obtain terminal escape
sequence i.e. for changing output color.

Such sequences (especially ESC character) were replaced by command
substitution producing exactly same result (variable value), but using
only "safe" characters.

Use of printf and especialy '\033' or '\0ddd' sequences is described
here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/printf.html#tag_20_94_13

Use of $(command) or command substitution is described here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_03

Verbatim TAB characters were replaced with \t escape sequence as
described to avoid problems with editors silently replacing them or
developer accidentialy messing up the regex.
2018-01-17 17:12:36 +01:00
Michael Boelen 66f8cb2441
Changed year 2018-01-11 09:50:26 +01:00
Michael Boelen 11f81345ee
Code enhancement 2017-09-16 14:08:38 +02:00
Michael Boelen 4781b1c170
Added /opt/apache 2017-08-02 13:01:23 +02:00
James White d7b0c28699 Add /usr/lib/apache module search path for DirectAdmin (#417) 2017-07-11 09:26:00 +02:00
mslifcak 8d2b3a202f A250 2 (#398)
* fix missing ROOTDIR prefix

* sort list of services before processing

* sort list of certificates before processing

* sort list of startup scripts before processing

* spell check

* remove possessive pronoun
2017-05-31 15:40:39 +02:00
Michael Boelen aec9b57c29
Changes to BOOT-5104 and HTTP-6716 2017-05-08 14:56:39 +02:00
Michael Boelen 918b962ae5
Code enhancements 2017-05-03 10:42:34 +02:00
Michael Boelen a9b67dc675
Reinitialize temporary files to prevent possible symlink attack - CVE-2017-8108 2017-05-03 09:47:35 +02:00
Michael Boelen 4ecb9d4d05
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00
Michael Boelen 70ea29483a
Code enhancements 2017-04-23 20:06:54 +02:00
Michael Boelen 57770fe332 [HTTP-6641] support Apache mod_reqtimeout module 2017-03-20 13:40:00 +01:00
hlein b595cc0fb5 Various cleanups (#363)
* Typo fix.

* Style change: always use $(), never ``.

The Lynis code already mostly used $(), but backticks were sprinkled
around.  Converted all of them.

* Lots of minor spelling/typo fixes.

FWIW these were found with:

  find . -type f -print0 | xargs -0 cat | aspell list | sort -u | egrep '^[a-z]+$' | less

And then reviewing the list to pick out things that looked like
misspelled words as opposed to variables, etc., and then manual
inspection of context to determine the intention.
2017-03-06 07:41:21 +00:00
Michael Boelen 34ba1ba184 Changed date and preparing for release 2017-02-09 13:35:40 +01:00
Michael Boelen 86051feaf8 Correct ServerAlias test 2016-09-10 16:16:58 +02:00
Michael Boelen 82ededed31 Style improvements and command replacements 2016-09-08 21:04:17 +02:00
Rutger van Sleen 67b1abedfa Fix sed syntax for ServerAlias removal
When a Apache config directive is in use, it has whitespace(s) or nothing at all prepended. Assuming that it always has a space before it doesn't have to match.
2016-08-30 20:03:38 +02:00
Michael Boelen 679e8c628e Use detected binaries 2016-08-25 15:31:33 +02:00
Michael Boelen 0dab1e9308 Allow multiple level of includes 2016-08-16 08:36:42 +02:00
Michael Boelen 4b96452dab Clean out unneeded file 2016-08-16 08:11:51 +02:00
Michael Boelen 1b30f6e558 Extended nginx testing 2016-08-16 08:08:15 +02:00
Michael Boelen 6392bc08d1 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:04 +02:00
Michael Boelen 7670560c2a [HTTP-6720] Improve readability of test 2016-07-30 13:55:10 +02:00
Michael Boelen 2f4c854ba7 Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00
Michael Boelen 74c9513fbb [HTTP-6632] fix for proper detection of Apache modules 2016-07-11 09:49:24 +02:00
Michael Boelen 983e293eb1 Replaced text strings to allow translations 2016-06-18 11:14:01 +02:00
Michael Boelen c88a2678f6 [HTTP-6642] Test disabled 2016-06-07 16:59:37 +02:00
Michael Boelen eded02cfde Rewritten counters and dealing with values 2016-05-03 14:57:53 +02:00
mboelen 42607ceaf5 Replaced old function names with new ones 2016-04-28 12:31:57 +02:00
mboelen f109c318d9 Detect when weak protocols are used, simplify nginx test 2016-04-27 16:51:12 +02:00
mboelen 1825d91c85 [HTTP-6710] Show suggestion when using a weak protocol 2016-04-27 16:37:32 +02:00
mboelen eb0206198a [HTTP-6710] Show SSLv3 as weak protocol 2016-04-27 16:36:24 +02:00
mboelen 8cc47819b4 Removed copyright line, added description 2016-03-13 16:03:46 +01:00
mboelen 6197ac08e7 Added link to website, blog, github 2016-03-13 16:00:39 +01:00