Not really a FAQ, just some preemptive notes and a few common errors.
That's not a useful error message.
(Someone here is slightly annoyed from Stackoverflow questions these days.)
Something doesn't work
Many features are unimplemented as of yet.
It will do that if you use most functions but haven't:
- selected a vhost file
- or an existing log file
- and if remote files (sshfs-mounted server) aren't really writable (no working check yet)
Look at the terminal output.
Python import error for _tkinter
As mentioned in the README setup instructions, you do need python3-tk installed (or whatever it's called in your distro).
Noto color emoji / X Error of failed request: BadLength
That's a bug in libxft/tkinter in recent distros. Either uninstall all color emoji fonts, or upgrade tcl+tkinter(...) to 8.6.11. But since that will take some time to make its rounds, any colored glyphs have been removed in modseccfg 0.8 anyway. (Was largely decoration for menus and buttons anyhow.)
Syntax error for f"…" strings
Requires py >=3.6
Main window freezes
It'll do that whilst reading logs, or any other window pops up (editor, info, etc.)
App hangs after main window closed
The multi-window interface may get stuck in a dead loop, if the mainwindow got closed before any aux windows.
How to file a bug report?
Use /tktnew and include the full console output, expected behaviour, and necessary log and conf excerpts, file names and mount point if any. Else it will be closed on sight.
Does this really delete config files?
No. Per default it will even create heaps of backup files in
Does the remote binding option need
It does suffice to say
The slash is just for decoration, the colon makes it a servername argument.
Why don't all rules have tags?
The CoreRuleSet omits them for most rules.
tag:app-wordpress etc. would be sensible. Hint, hint.)
Where's the config file?
Are there sshfs options to be set?
Secret config option is
Other secret options
editor_font can't be edited from the config window, due to being
a list. The config definition allows to add a third font
["…", "…", "bold"] however.
Can this use other log scanners?
If there's a command line tool to scan audit logs for problems, then yes, an option could be added. (In fact, it's planned to bundle a bin/ folder and according menu for Log analyzers.)
Why doesn't this provide for editing of VirtualHost sections?
That would be more work. And less intuitive for the majority, and those that have properly separated vhosts into distinct config files.
There's a few python packages for Apache config parsing that would allow so, but none that are overly convenient to build upon. (Not to mention support for non-destructive file updating.)
It always writes to the first VirtualHost in a file
All SecRule* flags are appended, or injected before any first
Use a better structure:
<VirtualHost *:80> Include vhost.domain.dir </VirtualHost> <VirtualHost *:443> Include vhost.domain.dir Include ssl.conf </VirtualHost>
ServerName example.com DocumentRoot /www/domain/ … SecRuleEngine On
Which coincidentally avoids some repetition.
Can this use python package xyz?
Where's the nginx support?
Not planned. Code contributions are accepted however.
There are enough nginx config parsers out there. Adopting one of them
should be simple. Basically just needs to reuse the
and pass any modsecurity_rules_file over to vhosts.vhosts()
Will this work with mod_security v3 ?
Probably not. I'd imagine this to be a parsing nightmare for Apache as well. So if, it's probably just going to cover secrule_includes, and you'll have to have vhost.name.secrule files alongside.
Install packages as rpm?
Nobody asked for those yet. You can convert installable packages with
alien --to-rpm modsec-flameeyes_2020.06.13_all.deb
locate modseccfg/install to find the package directory.