speedy
07-06-2007, 09:43 AM
Mod security is crucial for having a layer of defense against hackers.
Note:ModSecurity 2.x works with Apache 2.0.x or better.
It is assumed here that you are using a red hat or fedora OS in this article.
Check to see if you have libxml2 installed
rpm -q libxml2You will also need to have the following - query each and install them if you do not have them. After mod_security is done installing, we will remove these packages.
httpd-devel
apr-devel
apr-util-devel
pcre-develif not, install it.
wget ftp://xmlsoft.org/libxml2/libxml2-2.6.27-1.i386.rpm
rpm -Uvh libxml2-2.6.27-1.i386.rpmGet mod_security
wget http://www.modsecurity.org/download/modsecurity-apache_2.1.1.tar.gz
tar zxf modsecurity-apache_2.1.1.tar.gzEdit the makefile to put in your http root for param top_dir .
For FC4 its most likely
top_dir = /etc/httpdFor RHEL4 it is most likely
top_dir = /usr/lib/httpdNote: Depending on your installation the FC4 may work for all RHEL/FC installs
Compile with make
Stop Apache
Install with make install
now go to your httpd.conf file, typically located at /etc/httpd/conf/
nano -w /etc/httpd/conf/httpd.conf
find the section that contains the LoadModule portion.
Above all of the LoadModule directives add
LoadFile /usr/lib/libxml2.soThen go to the end of the LoadModule section and add
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.confnow we need to get the configuration policies
mkdir /etc/httpd/conf/modsecurity;cd /etc/httpd/conf/modsecurity
wget http://www.modsecurity.org/download/modsecurity-core-rules_2.1-1.4.tar.gz
tar zxf modsecurity-core-rules_2.1-1.4.tar.gz
rm -f modsecurity-core-rules_2.1-1.4.tar.gz
Edit the *.conf files to fit your machines usage and expected rule sets
restart apache - it will fail to stop, thats fine.
/sbin/service httpd restartremove those packages we don't need anymore
rpm -e httpd-devel
rpm -e apr-util-devel
rpm -e apr-devel
rpm -e pcre-devel
You now have Mod_Security installed, congratulations!
Note:ModSecurity 2.x works with Apache 2.0.x or better.
It is assumed here that you are using a red hat or fedora OS in this article.
Check to see if you have libxml2 installed
rpm -q libxml2You will also need to have the following - query each and install them if you do not have them. After mod_security is done installing, we will remove these packages.
httpd-devel
apr-devel
apr-util-devel
pcre-develif not, install it.
wget ftp://xmlsoft.org/libxml2/libxml2-2.6.27-1.i386.rpm
rpm -Uvh libxml2-2.6.27-1.i386.rpmGet mod_security
wget http://www.modsecurity.org/download/modsecurity-apache_2.1.1.tar.gz
tar zxf modsecurity-apache_2.1.1.tar.gzEdit the makefile to put in your http root for param top_dir .
For FC4 its most likely
top_dir = /etc/httpdFor RHEL4 it is most likely
top_dir = /usr/lib/httpdNote: Depending on your installation the FC4 may work for all RHEL/FC installs
Compile with make
Stop Apache
Install with make install
now go to your httpd.conf file, typically located at /etc/httpd/conf/
nano -w /etc/httpd/conf/httpd.conf
find the section that contains the LoadModule portion.
Above all of the LoadModule directives add
LoadFile /usr/lib/libxml2.soThen go to the end of the LoadModule section and add
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.confnow we need to get the configuration policies
mkdir /etc/httpd/conf/modsecurity;cd /etc/httpd/conf/modsecurity
wget http://www.modsecurity.org/download/modsecurity-core-rules_2.1-1.4.tar.gz
tar zxf modsecurity-core-rules_2.1-1.4.tar.gz
rm -f modsecurity-core-rules_2.1-1.4.tar.gz
Edit the *.conf files to fit your machines usage and expected rule sets
restart apache - it will fail to stop, thats fine.
/sbin/service httpd restartremove those packages we don't need anymore
rpm -e httpd-devel
rpm -e apr-util-devel
rpm -e apr-devel
rpm -e pcre-devel
You now have Mod_Security installed, congratulations!