Installing Modsecurity

From http://michael-and-mary.net/?q=node/1261

Modsecurity is an open source web application firewall for the Apache server that helps to keep the malicious people at bay. To install Modsecurity, first install the package: httpd-devel (yum install httpd-devel) [as root]. Next, execute the following commands (as root) to install and configure Modsecurity:

cd /root

wget http://www.modsecurity.org/download/modsecurity-apache_1.9.4.tar.gz

tar -xvzf modsecurity-apache_1.9.4.tar.gz

cd modsecurity-apache_1.9.4/apache2/

/usr/sbin/apxs -cia mod_security.c

The last line of the compilation should read: activating module ‘security’ in /etc/httpd/conf/httpd.conf, indcating that modsecurity is successfully built and installed.

Delete the downloaded package by executing the commands [as root]:

cd /root

rm -rf modsecurity*

Next, get the Modsecurity rulesets and install them. Execute the following commands to fetch and install the rulesets [as root]:

cd /etc/httpd/conf.d/

wget http://www.modsecurity.org/download/rules/modsecurity-general.conf

wget http://www.modsecurity.org/download/rules/modsecurity-php.conf

wget http://www.modsecurity.org/download/rules/modsecurity-output.conf

wget http://www.gotroot.com/downloads/ftp/mod_security/apache2/apache2-gotrootrules-latest.tar.gz

tar -xvzf apache2-gotrootrules-latest.tar.gz

mv apache2/* .

rm -rf apache2/

rm -rf apache2-gotrootrules-latest.tar.gz

Next, restart Apache to read the new rules. Execute the command: /sbin/service httpd restart (as root) to restart Apache.

The rules are updated very frequently, so keep updating them to get the latest protection.




Thanks for reading this post!


If you found an issue in this article, you can create an issue on Github.

If you have a comment or question, please drop me a line below!