download the latest stable release from http://www.modsecurity.org/download/direct.html; it's version 2.5.12 as of this writing. In order to compile ModSecurity, install the following:
$ sudo apt-get install automake g++ apache2-threaded-dev dpkg-dev libxml2 libxml2-devOnce done, proceed compiling ModSecurity.
$ cd /apache2 $ ./configure $ make $ sudo make installNext would be to create the configuration file so that Apache will be able to use the ModSecurity module. Create the /etc/apache2/mods-available/mod_security.load, mod_security.conf file, and insert the following: mod_security.load
LoadFile /usr/lib/x86_64-linux-gnu/libxml2.so.2 LoadModule security2_module /usr/lib/apache2/modules/mod_security2.somod_security.conf
Afterwards, create the /etc/apache2/modsecurity_crs directory, and copy all core rule sets to the newly created directory.error_mod_security_is_not_loaded Include /etc/apache2/modsecurity_crs/*.conf
$ sudo mkdir /etc/apache2/modsecurity_crs $ sudo cp -R modsecurity-apache_2.5.12/rules/*.conf /etc/apache2/modsecurity_crs/ $ sudo cp -R modsecurity-apache_2.5.12/rules/base_rules/* /etc/apache2/modsecurity_crs/It's now time to enable the new ModSecurity module, restart Apache enables it.
$ sudo a2enmod mod_security My additional $ sudo a2enmod unique_id $ sudo service apache2 restartDon't forget to check ModSecurity if it's really working. Create /var/www/testsecurity.php file with the following content:
< ?php $secret_file = $_GET['secret_file']; include ( $secret_file); ? >Open your favorite browser and type http://localhost/testsecurity.php?secret_file=/etc/passwd , you should see the following: Forbidden You don't have permission to access /testsecurity.php on this server. Otherwise, the content of /etc/passwd file will be displayed which means that ModSecurity is not working.
No comments:
Post a Comment