If you performed a default install of ModSecurity but never modified the configuration or completed any other steps the chances are that you are not logging any ModSecurity items. Typically you just need to add a directory structure with the proper permissions and then ModSecurity will do the rest as far as generating the files themselves.
Lately I have been working on a Ruby project that has a bunch of different branches that various developers are working on. One of the development servers has multiple virtual hosts and at certain points in the code release cycle the various virtual hosts could be completely split from the main branch of Ruby code either because of a bug fix, a specific feature, or any number of other reasons. The other night I needed to bring one of the virtual hosts to a near production release to test some features of a product that uses the web application to record data and when I attempted to “git pull” I received an error which is described in detail below along with what I ended up doing to resolve the problem.
**UPDATE: New article here.
Its a little more complicated to create a read only database user with PostgreSQL than say using something like MySQL. You will need to grant select access on each table in the database for the read only user. Keep in mind that each time you add a new table you will need to either run the shell script below again or manually grant select access on the new table for the read only user.
When attempting to upload files via the WordPress admin to your blog you might receive the below error. This error can be caused for a couple different reasons of which the main reason relates to permissions. Resolving the issue is a security risk but depending on how convenient you want it to be to upload files will depend on if you should use the WP admin or if you should just FTP the files to your blog site.
Error: WordPress File Upload Error: The uploaded file could not be moved to /wordpress/root/wp-content/uploads/2009/04
Below I list two different causes and resolutions for each one.
When configuring SSH keys to be able to login to a server without a password you mighkeys2t run into a permissions error. If the authorized_keys or authorized_keys2 file has the incorrect permissions it will not authenticate with your ssh-rsa key but instead still require a password. If you are having trouble configuring SSH keys you should check the /var/log/secure file to see if there is an error displaying in that log. You may see the error displayed below.
Error: Authentication refused: bad ownership or modes for file .ssh/authorized_keys
If you see this error it means that the authorized_keys or authorized_keys2 file has the incorrect ownership or permissions. Make sure that the authorized_keys file is owned by the user that will be logged into and the permissions are 600. So if the username is backup you would want the file to look like the below when issuing the “ls -alh” command.