Created
March 1, 2012 03:40
-
-
Save fduran/1947100 to your computer and use it in GitHub Desktop.
Apache security: installing mod_security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# www.fduran.com | |
# installing mod_security http://www.modsecurity.org (Debian-based distro) | |
# apachectl -M | |
apache2: Could not reliably determine the server's fully qualified domain name, using boxmetric.com for ServerName | |
Loaded Modules: | |
core_module (static) | |
log_config_module (static) | |
logio_module (static) | |
mpm_prefork_module (static) | |
install apxs: | |
# apt-get install apache2-prefork-dev | |
check: | |
# apxs2 | |
# apt-get install libxml2 libxml2-dev | |
check if already installed: libpcre3 libapr1 libaprutil1 | |
download from http://www.modsecurity.org/download/ : | |
# cd /usr/local/src/ | |
# wget http://www.modsecurity.org/download/modsecurity-apache_2.6.3.tar.gz | |
# tar zxvf modsecurity-apache_2.6.3.tar.gz | |
# cd modsecurity-apache_2.6.3 | |
# ./configure | |
# make | |
For some reason "make" tryes to make also mlogc which is optional, if making mlogc fails but before that there are no errors then it should be fine (mod_security2.so exists). | |
# ln -s /usr/local/src/modsecurity-apache_2.6.3/apache2/.libs/mod_security2.so /usr/lib/apache2/modules/mod_security2.so | |
# echo "LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so" > /etc/apache2/mods-available/security2.load | |
# a2enmod security2 | |
# /etc/init.d/apache2 restart | |
check module is loaded: | |
# apachectl -M |grep security | |
Syntax OK | |
security2_module (shared) | |
test for example with default configuration from http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#A_Recommended_Base_Configuration | |
copy into /etc/apache2/conf.d/mod_security , restart apache to check |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment