March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

Categories

March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

Install the (ModSecurity) centos fedora redhat

Install the (ModSecurity)

cd /usr/local/src/

wget http://www.modsecurity.org/tarball/2.7.2/modsecurity-apache_2.7.2.tar.gz

tar -zxvf modsecurity-apache_2.7.2.tar.gz

cd  modsecurity-apache_2.7.2

./configure

configure: *** pcre library not found.
configure: error: pcre library is required

 

yum -y update pcre

additional package dependencies.
yum -y install  pcre-devel
yum -y install  libxml2
yum -y install  libxml2-devel

mod_unique_id need to use mod_security

cd /software/httpd-2.24/modules/metadata

/Usr/local/apache2/bin/apxs -cia Mod_unique_id.C

cd /software/httpd-2.24/Srclib/apr
./configure
make
make install

cd /software/httpd-2.24/Srclib/apr-util

./configure -with-apr=/usr/local/apr/bin/apr-1-config

make
make install

 

Recomplie apache for PCRE APR APR-UTI

cd /software/httpd-2.24

make clean

/configure –enable-so \
            –enable-rewrite \
            –enable-mods-shared=”unique_id” \
            –with-pcre \
            –with-apr=/usr/local/apr/bin/apr-1-config \
            –with-apr-util=/usr/local/apr/bin/apu-1-config \
            –prefix=/usr/local/apache2
make
make install

 

Install Mod security
cd /usr/local/src/

cd  modsecurity-apache_2.7.2

make clean

./configure \
          –prefix=/usr/local/apache2 \
          –with-apxs=/usr/local/apache2/bin/apxs \
          –with-apr=/usr/local/apache2/bin/apr-1-config \
          –with-apu=/usr/local/apache2/bin/apu-1-config \
          –with-pcre=/usr/bin/pcre-config \
          –with-libxml=/usr/bin/xml2-config \
           LDFLAGS=-L/usr/local/apache2/lib
make
make install

 

mkdir /var/modsecurity/
mkdir /var/modsecurity/data
mkdir /var/modsecurity/tmp
mkdir /var/modsecurity/upload
chown root:apache /var/modsecurity
chown apache:root /var/modsecurity/data
chown apache:apache /var/modsecurity/tmp
chown apache:root /var/modsecurity/upload/
chmod 750 /var/modsecurity
chmod 700 /var/modsecurity/data
chmod 750 /var/modsecurity/tmp
chmod 700 /var/modsecurity/upload

cd /usr/local/src

wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master

tar xvfz SpiderLabs-owasp-modsecurity-crs-2.2.7-13-g40b2c75.tar.gz

mkdir /usr/local/apache2/crs

cd /usr/local/apache2/crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf
vi modsecurity_crs_10_config.conf

SecRuleEngine On
# SecRequestBodyAccess
SecRequestBodyAccess On
SecResponseBodyAccess Off
# SecRequestBodyLimit
SecRequestBodyLimit 5242880
# SecRequestBodyNoFilesLimit
SecRequestBodyNoFilesLimit 51200
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus “^(?:5|4(?!04))”
SecAuditLogType Serial
SecAuditLog logs/modsec_audit.log
SecAuditLogParts “ABIFHKZ”
SecDebugLog             logs/modsec_debug.log
SecDebugLogLevel        3
SecDataDir      /var/modsecurity/data/
SecTmpDir       /var/modsecurity/tmp/
SecUploadDir    /var/modsecurity/upload/

vi /usr/local/apache2/conf/extra/httpd-modsecurity.conf

LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
 
Include crs/modsecurity_crs_10_config.conf
Include crs/base_rules/*.conf

apache stop and start

/usr/local/apache2/bin/apachectl stop
/usr/local/apache2/bin/apachectl  start

/usr/local/apache2/bin/apachectl -M

tail -f /usr/local/apache2/log/error.log

 ModSecurity for Apache/2.2.4 (http://www.modsecurity.org/) configured.
 ModSecurity: APR compiled version=”1.4.5″; loaded version=”1.4.5″
 ModSecurity: PCRE compiled version=”8.31 “; loaded version=”5.0 13-Sep-2004”
 ModSecurity: Loaded PCRE do not match with compiled!
 ModSecurity: LIBXML compiled version=”2.8.0″
 Apache/2.2.4 (Linux) CovalentSNMP/3.0.3 configured — resuming normal operations
 SNMP: CovalentSNMP/3.0.3 started (user ‘106’ – SNMP address ‘1610’ – pid ‘7

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>