Technical Blog

Using GeoIP information together with ModSecurity

Introduction In my tutorial’s webserver logfile configuration, there is a position reserved for the country code of an IP address. I have never explained how I get the information into the environment variable that is then used to fill said position. There are several other guides around, but I think it’s time to provide my […]

Arch Linux logo

Kubuntu to Arch Linux

For years, and after using Gentoo in the years 2000-2005, I have been using Kubuntu LTS on my successive laptops. For a while I used an Apple Macbook Pro, but at some point I was constantly compiling diverse MacPorts packages to the point that Linux made more sense. Kubuntu seemed like the logical way. It […]

Ansible end_play vs end_host

If your Ansible playbook needs to be stopped for a single node (host) of your inventory, be sure you do use “meta: end_host” and not “meta: end_play”. The later stops the whole script, and can potentially creates a hard-to-debug situation, depending on your parallelism and the order on which nodes are checked during the playbook […]

Rule Exclusion Script on Steroids

The ModSecurity / OWASP Core Rule Set tutorials here at are visited by over 8,000 times a month. With many of the unique visitors, the auxiliary script modsec-rulereport.rb is a favorite. The tool allows you to generate rule exclusions based on a ModSecurity rule alert message. Today, I’m presenting you a new version of […]