In this blog post, I will describe the process I took to install modsecurity on my system, openSUSE 10.x.
If you haven’t know about modsecurity, I suggest you to visit its website and read a little it about it. All I can say about modsecurity is that it is an open source web application firewall that can be used to protect your web application. It works by checking the request and response send to and from your Apache webserver according to the rules you’ve set.
Interested ? Please pay a visit to its website.
Before installing modsecurity, please make sure you already have Apache webserver on your system. In my system, I have the following apache packages :
That’s should be enough for modsecurity requirements.
Also make sure you already have libxml installed.
Next, you can installed modsecurity by following these steps. Please be very aware that the following configuration may not work for your distro :
- Download modsecurity-2.x. The latest version is 2.1.2
- Unpack it :
tar xvzpf modsecurity-apache_2.1.2.tar.gz
- Change to its directory :
- Change to apache2 directory :
- Edit the Makefile. Change :
top_dir = /apps/apache22
APXS = apxs
APACHECTL = apachectl
top_dir = /usr/share/apache2
APXS = apxs2
APACHECTL = apache2ctl
- Then run “make”
- As root, run “make install”
- Add modsecurity2 and modunique_id modules to the following APACHE_MODULES in /etc/sysconfig/apache2 :
APACHE_MODULES=”actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir unique_id php5 security2″
- Copy modsecurity.conf-minimal to apache conf.d directory :
cp modsecurity.conf-minimal /etc/apache2/conf.d/modsecurity2.conf
- Make sure you have set the following entries to the correct values :
- Restart apache :
- Next you can test modsecurity+apache with your web exploits.
Enjoy your apache2+modsecurity