Skip to content

Instantly share code, notes, and snippets.

@amarnus

amarnus/modsecurity_mac.md

Last active November 10, 2020 12:35
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save amarnus/621fc1612036e186b6a6 to your computer and use it in GitHub Desktop.
Save amarnus/621fc1612036e186b6a6 to your computer and use it in GitHub Desktop.
Download ZIP
How to enable and setup ModSecurity on a Mac?
Raw
modsecurity_mac.md

Use brew to install the ModSecurity Apache module.

brew install homebrew/apache/mod_security

Ask Apache to load the module by editing the configuration file (at /etc/apache2/httpd.conf). Under the long list of LoadModule statements, add:

LoadModule security2_module /usr/local/Cellar/mod_security/2.7.7/libexec/mod_security2.so

While you are at it, load the mod_unique_id module as well. This is required by ModSecurity. Do so by uncommenting the line:

LoadModule unique_id_module libexec/apache2/mod_unique_id.so

Copy the ModSecurity recommended configuration to a place where it can get picked up by Apache automatically.

cp  /usr/local/Cellar/mod_security/2.7.7/modsecurity.conf-recommended \
    /etc/apache/other/modsecurity.conf

Once you have done this, test that Modsecurity is indeed active by trying this out:

http://www.apachelounge.com/viewtopic.php?t=2520

And after that clone and link the OWASP Core Rule Set by following the instructions here:

http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-opensuse-server

@armdn
Copy link

armdn commented Nov 10, 2020

This does not work anymore, as there is no mod_security on homebrew.

@amarnus
Copy link
Author

amarnus commented Nov 10, 2020

Yes, It does appear that the Apache tap has been deprecated:
https://github.com/Homebrew/brew/pull/3274/files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment