Forums
box Left
box right

Go Back   Forums > Plesk > How To ... > For Server Operators
Reload this Page Install Mod_Security
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Rate Thread
  #1  
Old 07-06-2007, 09:43 AM
speedy's Avatar
speedy speedy is offline
Administrator
Location: Bellevue, Washington
  
Join Date: Mar 2007
Location: Bellevue, Washington
Posts: 37
Rep Power: 10
speedy is on a distinguished road
Default Install Mod_Security
Mod security is crucial for having a layer of defense against hackers.
Note:ModSecurity 2.x works with Apache 2.0.x or better.

It is assumed here that you are using a red hat or fedora OS in this article.

Check to see if you have libxml2 installed
Code:
rpm -q libxml2
You will also need to have the following - query each and install them if you do not have them. After mod_security is done installing, we will remove these packages.

Code:
httpd-devel
apr-devel
apr-util-devel
pcre-devel
if not, install it.
Code:
wget ftp://xmlsoft.org/libxml2/libxml2-2.6.27-1.i386.rpm
rpm -Uvh libxml2-2.6.27-1.i386.rpm
Get mod_security
Code:
wget http://www.modsecurity.org/download/modsecurity-apache_2.1.1.tar.gz
tar zxf modsecurity-apache_2.1.1.tar.gz
Edit the makefile to put in your http root for param top_dir .

For FC4 its most likely
Code:
top_dir = /etc/httpd
For RHEL4 it is most likely
Code:
top_dir = /usr/lib/httpd
Note: Depending on your installation the FC4 may work for all RHEL/FC installs

Compile with make
Stop Apache
Install with make install


now go to your httpd.conf file, typically located at /etc/httpd/conf/
Code:
nano -w /etc/httpd/conf/httpd.conf
find the section that contains the LoadModule portion.

Above all of the LoadModule directives add
Code:
LoadFile /usr/lib/libxml2.so
Then go to the end of the LoadModule section and add

Code:
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.conf
now we need to get the configuration policies

Code:
mkdir /etc/httpd/conf/modsecurity;cd /etc/httpd/conf/modsecurity

wget http://www.modsecurity.org/download/modsecurity-core-rules_2.1-1.4.tar.gz

tar zxf modsecurity-core-rules_2.1-1.4.tar.gz
rm -f modsecurity-core-rules_2.1-1.4.tar.gz
Edit the *.conf files to fit your machines usage and expected rule sets

restart apache - it will fail to stop, thats fine.
Code:
/sbin/service httpd restart
remove those packages we don't need anymore

Code:
rpm -e httpd-devel
rpm -e apr-util-devel
rpm -e apr-devel
rpm -e pcre-devel
You now have Mod_Security installed, congratulations!
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 11:53 PM.

Contact Us - Plesk Hosts - Archive - Top

Powered by vBulletin® Version 3.8.2 and vBadvanced CMPS
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Inactive Reminders By Mished.co.uk