IndianWebPortal.com

Something Different In Linux

Home » Uncategorized » ModSecurity installation

ModSecurity installation

Posted by Rishikesh Vispute Categories: Uncategorized

ModSecurity installation requirements:

1) ModSecurity 2.x works only with Apache 2.0.x or higher. Version 2.2.x is highly recommended.

2.Make sure you have mod_unique_id installed.

mod_unique_id is packaged with Apache httpd.

3.libapr and libapr-util

http://apr.apache.org/
4.

libpcre

http://www.pcre.org/
5.

libxml2

http://xmlsoft.org/downloads.html
6.

liblua v5.1.x

This library is optional and only needed if you will be using the new Lua engine.

http://www.lua.org/download.html

Note that ModSecurity requires the dynamic libraries. These are not built by default in the source distribution, so the binary distribution is recommended.
7.

libcurl v7.15.1 or higher

If you will be using the ModSecurity Log Collector (mlogc) to send audit logs to a central repository, then you will also need the curl library.

http://curl.haxx.se/libcurl/
Note

Many have had issues with libcurl linked with the GnuTLS library for SSL/TLS support. It is recommended that the openssl library be used for SSL/TLS support in libcurl.

ModSecurity installation consists of the following steps:

1.

Stop Apache httpd
2.

Unpack the ModSecurity archive
3.

Building differs for UNIX (or UNIX-like) operating systems and Windows.
*

UNIX
1.

Run the configure script to generate a Makefile. Typically no options are needed.

./configure

Options are available for more customization (use ./configure –help for a full list), but typically you will only need to specify the location of the apxs command installed by Apache httpd with the –with-apxs option.

./configure –with-apxs=/path/to/httpd-2.x.y/bin/apxs
Note

There are certain configure options that are meant for debugging an other development use. If enabled, these options can substantially impact performance. These options include all –debug-* options as well as the –enable-performance-measurements options.
2.

Compile with: make
3.

Optionally test with: make test
Note

This is step is still a bit experimental. If you have problems, please send the full output and error from the build to the support list. Most common issues are related to not finding the required headers and/or libraries.
4.

Optionally build the ModSecurity Log Collector with: make mlogc
5.

Optionally install mlogc: Review the INSTALL file included in the apache2/mlogc-src directory in the distribution.
6.

Install the ModSecurity module with: make install
*

Windows (MS VC++ 8)
1.

Edit Makefile.win to configure the Apache base and library paths.
2.

Compile with: nmake -f Makefile.win
3.

Install the ModSecurity module with: nmake -f Makefile.win install
4.

Copy the libxml2.dll and lua5.1.dll to the Apache bin directory. Alternatively you can follow the step below for using LoadFile to load these libraries.
4.

Edit the main Apache httpd config file (usually httpd.conf)

On UNIX (and Windows if you did not copy the DLLs as stated above) you must load libxml2 and lua5.1 before ModSecurity with something like this:

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so

Load the ModSecurity module with:

LoadModule security2_module modules/mod_security2.so

5.

Configure ModSecurity
6.

Start Apache httpd
7.

You should now have ModSecurity 2.x up and running.


Popular Posts

remove index.php fro

How to remove index.php from url in magento Ans : If you ...

PHP-Java bridge on p

  What is php-java bridge? The php-java bridge is the php ...

Set expiration for y

If you want to set the expiration to your site ...

Warning: Parameter 1

Error: Warning: Parameter 1 to modMainMenuHelper::buildXML() expected to be a ...

domain pointing to e

If you domain uses external MX record and it is ...