mod_security2 installation on apache2 and configuration (Linux)

Download and install modsec2

cd /usr/src/src

wget http://www.modsecurity.org/download/modsecurity-apache_2.5.13.tar.gz

tar -zxf modsecurity-apache_2.5.13.tar.gz

cd modsecurity-apache_2.5.13

cd apache2

./configure --with-apxs=/usr/local/apache/bin/apxs

make

make install

 

You can see that the module mod_security2.so has been added to the /usr/local/apache/modules/ directory.

 

Now we need to configure modsec2. Create a file called /usr/local/apache/conf/modsec2.conf and enter the text below.

vi /usr/local/apache/conf/modsec2.conf

 

LoadModule security2_module  modules/mod_security2.so
<IfModule mod_security2.c>
# Enable rule processing
SecRuleEngine On
# See http://www.modsecurity.org/documentation/ModSecurity-Migration-Matrix.pdf
#  "Add the rules that will do exactly the same as the directives"
# SecFilterCheckURLEncoding On
# SecFilterForceByteRange 0 255
# Audit only relevant transactions (those that triggered a warning or error)
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log
SecDebugLog logs/modsec_debug_log
SecDebugLogLevel 0
# Default for matching rules: deny in phase 2, log, return HTTP 406
SecDefaultAction "phase:2,deny,log,status:406"
# Do not filter requests from localhost (dots escaped so they match literally)
SecRule REMOTE_ADDR "^127\.0\.0\.1$" "nolog,allow"
Include "/usr/local/apache/conf/modsec_nice_rules.conf"
</IfModule>

Download modsec rules from here.

cd /usr/local/apache/conf/

Add the following line inside httpd.conf file.

Include "/usr/local/apache/conf/modsec2.conf"

Check if the apache syntax is correct.

/etc/rc.d/init.d/httpd configtest

If the syntax is OK, do a graceful restart of Apache.

/etc/rc.d/init.d/httpd graceful

 

If modsec throws this error in the Apache error_log:

 

ModSecurity: ModSecurity requires mod_unique_id to be installed

 

Solution:

cd /home/cpeasyapache/src/httpd-x.x.x/modules/metadata

/usr/local/apache/bin/apxs -i -a -c mod_unique_id.c

Check the Apache configuration

/etc/rc.d/init.d/httpd configtest

 

If the syntax is OK, restart Apache

/etc/rc.d/init.d/httpd graceful

 

If this is not a cPanel server, download the source for your Apache version from http://archive.apache.org/dist/httpd/

Eg:

[root@server ]# /usr/sbin/httpd -v
Server version: Apache/2.2.3
wget http://archive.apache.org/dist/httpd/httpd-2.2.3.tar.gz

tar -zxf httpd-2.2.3.tar.gz

cd httpd-2.2.3/modules/metadata

/usr/sbin/apxs -i -a -c mod_unique_id.c

/etc/rc.d/init.d/httpd configtest

/etc/rc.d/init.d/httpd graceful

 

Test it

http://main_IP/mkdir
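
To confirm from the server side that the test request was blocked, read the SecAuditLog file set in modsec2.conf. The following is an added example, not part of the original post: a Python parser for the ModSecurity 2.x serial audit log that lists intercepted transactions. It assumes sections A, B, F and H are being written; the sample entries, addresses and IDs are constructed.

```python
import re

# Constructed sample in the ModSecurity 2.x serial audit-log layout (not real output).
# The second entry is cut off before its Z boundary, as in a log copied mid-write.
SAMPLE_LOG = """\
--a1b2c3d4-A--
[09/Jan/2011:12:00:01 +0000] TSlkz38AAAEAAAbcDeF 203.0.113.5 51234 192.0.2.10 80
--a1b2c3d4-B--
GET /mkdir HTTP/1.1

--a1b2c3d4-F--
HTTP/1.1 406 Not Acceptable

--a1b2c3d4-H--
Message: Access denied with code 406 (phase 2). [file "/usr/local/apache/conf/modsec_nice_rules.conf"]
Action: Intercepted (phase 2)
--a1b2c3d4-Z--
--e5f6a7b8-A--
[09/Jan/2011:12:00:09 +0000] TSlk2X8AAAEAAAbcDeG 203.0.113.9 51300 192.0.2.10 80
"""
BOUNDARY = re.compile(r"^--[0-9a-f]+-([A-Z])--$")

def parse_audit_log(text):
    """Return completed transactions as {section letter: [non-empty lines]}."""
    done, current, section = [], None, None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m and m.group(1) == "A":
            current = {}                  # a new A drops any unfinished entry
        if m and current is not None:
            if m.group(1) == "Z":         # Z closes the transaction
                done.append(current)
                current = section = None
            else:
                section = current.setdefault(m.group(1), [])
        elif not m and section is not None and line:
            section.append(line)
    return done

def denied_requests(text):
    """List (unique_id, client, request line, status) for intercepted transactions."""
    hits = []
    for tx in parse_audit_log(text):
        if any(l.startswith("Action: Intercepted") for l in tx.get("H", [])):
            # Section A: [timestamp] unique_id client_ip client_port server_ip server_port
            head = (tx.get("A") or [""])[0].split("] ")[-1].split() + ["-", "-"]
            status = (tx.get("F") or [""])[0].split() + ["-", "-"]
            hits.append((head[0], head[1], (tx.get("B") or [""])[0], status[1]))
    return hits
print(denied_requests(SAMPLE_LOG))
```

The first field after the timestamp in section A is the per-request ID issued by mod_unique_id, which is why ModSecurity refuses to start without that module.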
