How to install mod_security on Apache 2.x

What is mod_security or modsecurity?

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
This HOW-TO is for Apache 2.X only.

  1. cd /usr/local/src
  2. mkdir modsecurity2
  3. cd modsecurity2
  4. wget http://www.serverbuddies.com/files/modsecurity-apache_2.5.9.tar.gz
  5. perl -pi -e ’s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf
  6. perl -pi -e ’s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
  7. perl -pi -e ’s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
  8. tar xzf modsecurity-apache_2.5.9.tar.gz
  9. cd modsecurity-apache_2.5.9
  10. cd apache2
  11. ./configure
  12. make
  13. make test
  14. make install

Now we download a pre-defined mod_sec ruleset,

  1. cd /etc/modsecurity2/
  2. wget http://www.serverbuddies.com/files/modsec.v2.rules.conf

Add the new compiled mod_security module into the apache configuration,

  1. vi /etc/httpd/conf/httpd.conf

After:

LoadModule php5_module /usr/lib/apache/libphp5.so

Add:

For 32bit -

  1. LoadFile /usr/lib/libxml2.so
  2. LoadModule security2_module     /usr/lib/apache/mod_security2.so

For 64bit -

  1. LoadFile /usr/lib64/libxml2.so
  2. LoadModule security2_module     /usr/lib/apache/mod_security2.so

At the botton of the httpd.conf config file we add the following,

  1. <IfModule mod_security2.c>
  2. # ModSecurity2 config file.
  3. #
  4. Include /etc/modsecurity2/modsec.v2.rules.conf
  5. </IfModule>

Restart the webserver.

  1. service httpd restart

Installation should be completed and mod_sec should be now loaded on your Apache webserve

Was this answer helpful?

 Print this Article

Also Read

Disable shell access for unknown users

Suspect there are other users in your system that have shell access to your system? Please follow...

Is my server hacked? Lets check it with rootkit hunter

RookHit Hunter is a command-line utility that will search your machine for...

How to increase numiptent limit?

You may got the following errors ( Most probably after enabling CSF ) The VPS iptables...

Secure system using "mod_security".

Follow the below steps to install “mod_security”. ModSecurity supplies an array of...

How to change default SSH port?

Everyone knows 22 is the default SSH port. So it’s always good to change this default port...