How to install mod_security on Apache 2.x

What is mod_security or modsecurity?

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
This HOW-TO is for Apache 2.X only.

  1. cd /usr/local/src
  2. mkdir modsecurity2
  3. cd modsecurity2
  4. wget http://www.serverbuddies.com/files/modsecurity-apache_2.5.9.tar.gz
  5. perl -pi -e ’s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf
  6. perl -pi -e ’s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
  7. perl -pi -e ’s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
  8. tar xzf modsecurity-apache_2.5.9.tar.gz
  9. cd modsecurity-apache_2.5.9
  10. cd apache2
  11. ./configure
  12. make
  13. make test
  14. make install

Now we download a pre-defined mod_sec ruleset,

  1. cd /etc/modsecurity2/
  2. wget http://www.serverbuddies.com/files/modsec.v2.rules.conf

Add the new compiled mod_security module into the apache configuration,

  1. vi /etc/httpd/conf/httpd.conf

After:

LoadModule php5_module /usr/lib/apache/libphp5.so

Add:

For 32bit -

  1. LoadFile /usr/lib/libxml2.so
  2. LoadModule security2_module     /usr/lib/apache/mod_security2.so

For 64bit -

  1. LoadFile /usr/lib64/libxml2.so
  2. LoadModule security2_module     /usr/lib/apache/mod_security2.so

At the botton of the httpd.conf config file we add the following,

  1. <IfModule mod_security2.c>
  2. # ModSecurity2 config file.
  3. #
  4. Include /etc/modsecurity2/modsec.v2.rules.conf
  5. </IfModule>

Restart the webserver.

  1. service httpd restart

Installation should be completed and mod_sec should be now loaded on your Apache webserve

Was this answer helpful?

 Print this Article

Also Read

How to disable all Apache header information?

Follow the below steps to disable Apache header information. Edit your mail Apache configuration...

How to Secure PHP from php.ini

PHP's default configuration file, php.ini (usually found in /etc/php.ini on most Linux systems)...

How to Password Protect a Directory

This tutorial will teach how to password protect a directory. Password protecting a directory...

How To Use The IP Deny Manager

This tutorial will teach you how to use the IP Deny Manager to block access to your web site from...

Scan your Linux system with Clam AntiVirus/ClamAV.Installation Guide

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware...