Mod_Security is an open source web application firewall (WAF) and intrusion detection and prevention system for web applications. It is used to protect and monitor real time HTTP traffic and web applications from brute fore attacks.

Install Mod_Security

Step 1: Installing Dependencies for mod_security
yum install gcc make
yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel

Step 2: Installing Mod_Security
Run the following commands as root.
cd /usr/src
wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz
tar xzf modsecurity-apache_2.6.6.tar.gz
cd modsecurity-apache_2.6.6
./configure
make install
cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf

Step 3: Downloading OWASP Mod_Security Core Rule Set
Mod_Security requires OWASP (Open Web Application Security Project) core rules for base configuration, these rules are used to protect from unknown vulnerabilities which often found on web applications. So, here we are going to download and install rule set for mod_security. Run the following commands.
cd /etc/httpd/
wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz
tar xzf modsecurity-crs_2.2.5.tar.gz
mv modsecurity-crs_2.2.5 modsecurity-crs
cd modsecurity-crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf

Step 4: Configuring Mod_Security
Now, you need to modify your Apache configuration file to load the mod_security module.
vi /etc/httpd/conf/httpd.conf
Search for the line LoadModule in your httpd.conf and add this below line at the bottom.
LoadModule security2_module modules/mod_security2.so

Now set the basic rule set in your httpd.conf file. Add the following lines of code at the end of the file.
<IfModule security2_module>
    Include modsecurity-crs/modsecurity_crs_10_config.conf
    Include modsecurity-crs/base_rules/*.conf
</IfModule>

Next, restart the Apache service to enable mod_security module and their rules.
/etc/init.d/httpd restart