Installing ModSecurity 2.x in openSUSE 10.x

In this blog post, I will describe the process I took to install modsecurity on my system, openSUSE 10.x.

If you haven’t know about modsecurity, I suggest you to visit its website and read a little it about it. All I can say about modsecurity is that it is an open source web application firewall that can be used to protect your web application. It works by checking the request and response send to and from your Apache webserver according to the rules you’ve set.

Interested ? Please pay a visit to its website.

Before installing modsecurity, please make sure you already have Apache webserver on your system. In my system, I have the following apache packages :

  • apache2-devel-2.2.4-36.2
  • apache2-utils-2.2.4-36.2
  • apache2-prefork-2.2.4-36.2
  • apache2-2.2.4-36.2

That’s should be enough for modsecurity requirements.

Also make sure you already have libxml installed.

Next, you can installed modsecurity by following these steps. Please be very aware that the following configuration may not work for your distro :

  • Download modsecurity-2.x. The latest version is 2.1.2
  • Unpack it :

tar xvzpf modsecurity-apache_2.1.2.tar.gz

  • Change to its directory :

cd modsecurity-apache_2.1.2/

  • Change to apache2 directory :

cd apache2

  • Edit the Makefile. Change :

top_dir = /apps/apache22

APXS = apxs

APACHECTL = apachectl

to :

top_dir = /usr/share/apache2

APXS = apxs2

APACHECTL = apache2ctl

Save it

  • Then run “make”
  • As root, run “make install”
  • Add modsecurity2 and modunique_id modules to the following APACHE_MODULES in /etc/sysconfig/apache2 :

APACHE_MODULES=”actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir unique_id php5 security2″

  • Copy modsecurity.conf-minimal to apache conf.d directory :

cp modsecurity.conf-minimal /etc/apache2/conf.d/modsecurity2.conf

  • Make sure you have set the following entries to the correct values :

SecDebugLog /var/log/apache2/modsec_debug.log
SecAuditLog /var/log/apache2/modsec_audit.log

  • Restart apache :

rcapache2 restart

  • Next you can test modsecurity+apache with your web exploits.

Enjoy your apache2+modsecurity

One thought on “Installing ModSecurity 2.x in openSUSE 10.x

  1. Pingback: Security News » Installling ModSecurity

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s