web2iran.ir
July 27th, 2015, 13:11
, at the time of writing this guide it’s version 2.7.5.
wget https://www.modsecurity.org/tarball/2.8.0/modsecurity-2.8.0.tar.gz
Then extract the tar.gz:
tar zvxf modsecurity-*
Installation is pretty straightforward:
cd modsecurity-*
yum install expat-devel -y
./configure
make
make install
cp modsecurity.conf-recommended /etc/httpd/conf/modsecurity.conf
We have succesfully installed mod_security, but we need to tell Apache about it. Add this to/etc/httpd/conf/extra/httpd-includes.conf
## Load dependencies ##
LoadFile /usr/local/lib/libxml2.so
## Load mod_security ##
LoadModule security2_module /usr/lib/apache/mod_security2.so
Restart httpd for mod_security to kick in!
service httpd restart
To check if the mod_security module has loaded, type this and find security2_module (shared):
apachectl -t -D DUMP_MODULES
Installing OWASP rules (http://spiderlabs.gi…modsecurity-crs (http://spiderlabs.github.io/owasp-modsecurity-crs)):
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master
mv master rules.tar.gz
tar zvxf rules.tar.gz
cd SpiderLabs-owasp-modsecurity*
mkdir /etc/httpd/conf/crs
mv * /etc/httpd/conf/crs
cd /etc/httpd/conf/crs
mv modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf
for f in `ls base_rules/` ; do sudo ln -s /etc/httpd/conf/crs/base_rules/$f activated_rules/$f ; done
for f in `ls optional_rules/ | grep comment_spam` ; do sudo ln -s /etc/httpd/conf/crs/optional_rules/$f activated_rules/$f ; done
Now add the following to /etc/httpd/conf/extra/httpd-includes.conf:
<IfModule security2_module>
Include conf/crs/modsecurity_crs_10_setup.conf
Include conf/crs/activated_rules/*.conf
</IfModule>
Finally restart Apache…
service httpd restart
https://blog.web4asia.in/?p=123 (https://blog.web4asia.in/?p=123)
wget https://www.modsecurity.org/tarball/2.8.0/modsecurity-2.8.0.tar.gz
Then extract the tar.gz:
tar zvxf modsecurity-*
Installation is pretty straightforward:
cd modsecurity-*
yum install expat-devel -y
./configure
make
make install
cp modsecurity.conf-recommended /etc/httpd/conf/modsecurity.conf
We have succesfully installed mod_security, but we need to tell Apache about it. Add this to/etc/httpd/conf/extra/httpd-includes.conf
## Load dependencies ##
LoadFile /usr/local/lib/libxml2.so
## Load mod_security ##
LoadModule security2_module /usr/lib/apache/mod_security2.so
Restart httpd for mod_security to kick in!
service httpd restart
To check if the mod_security module has loaded, type this and find security2_module (shared):
apachectl -t -D DUMP_MODULES
Installing OWASP rules (http://spiderlabs.gi…modsecurity-crs (http://spiderlabs.github.io/owasp-modsecurity-crs)):
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master
mv master rules.tar.gz
tar zvxf rules.tar.gz
cd SpiderLabs-owasp-modsecurity*
mkdir /etc/httpd/conf/crs
mv * /etc/httpd/conf/crs
cd /etc/httpd/conf/crs
mv modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf
for f in `ls base_rules/` ; do sudo ln -s /etc/httpd/conf/crs/base_rules/$f activated_rules/$f ; done
for f in `ls optional_rules/ | grep comment_spam` ; do sudo ln -s /etc/httpd/conf/crs/optional_rules/$f activated_rules/$f ; done
Now add the following to /etc/httpd/conf/extra/httpd-includes.conf:
<IfModule security2_module>
Include conf/crs/modsecurity_crs_10_setup.conf
Include conf/crs/activated_rules/*.conf
</IfModule>
Finally restart Apache…
service httpd restart
https://blog.web4asia.in/?p=123 (https://blog.web4asia.in/?p=123)