What is mod_security or modsecurity?
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
This HOW-TO is for Apache 2.X only.
1.
cd /usr/local/src
2.
mkdir modsecurity2
3.
cd modsecurity2
4.
wget http://www.serverbuddies.com/files/modsecurity-apache_2.5.9.tar.gz
5.
perl -pi -e ’s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf
6.
perl -pi -e ’s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
7.
perl -pi -e ’s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
8.
tar xzf modsecurity-apache_2.5.9.tar.gz
9.
cd modsecurity-apache_2.5.9
10.
cd apache2
11.
./configure
12.
make
13.
make test
14.
make install
Now we download a pre-defined mod_sec ruleset,
1.
cd /etc/modsecurity2/
2.
wget http://www.serverbuddies.com/files/modsec.v2.rules.conf
Add the new compiled mod_security module into the apache configuration,
vi /etc/httpd/conf/httpd.conf
After:
LoadModule php5_module /usr/lib/apache/libphp5.so
Add:
For 32bit -
1.
LoadFile /usr/lib/libxml2.so
2.
LoadModule security2_module /usr/lib/apache/mod_security2.so
For 64bit -
1.
LoadFile /usr/lib64/libxml2.so
2.
LoadModule security2_module /usr/lib/apache/mod_security2.so
At the botton of the httpd.conf config file we add the following,
1.
2.
# ModSecurity2 config file.
3.
#
4.
Include /etc/modsecurity2/modsec.v2.rules.conf
5.
Restart the webserver.
1.
service httpd restart
Installation should be completed and mod_sec should be now loaded on your Apache webserver.
Any suggestion or questions are welcome.
Steps to Install Mod_Security on Direct Admin
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment