Monday, February 15, 2010

CentOS 5.4 ModSecurity Installation

SkyHi @ Monday, February 15, 2010

Apache Installation
yum install httpd-devel mod_ssl libxml2 libxml2-devel curl-devel pcre-devel gcc-c++
service httpd stop

ModSecurity Installation
wget http://www.modsecurity.org/download/modsecurity-apache_2.5.10.tar.gz
tar -xzvf modsecurity-apache_2.5.10.tar.gz
cd modsecurity-apache_2.5.10
cd apache2
./configure
make
make install
mkdir /etc/httpd/conf/modsecurity
cp ../modsecurity.conf-minimal /etc/httpd/conf/modsecurity/

Settings
vi /etc/httpd/conf/httpd.conf

# ModSecurity
LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/modsecurity.conf-minimal

service httpd start
ls /var/log/httpd

access_log  error_log  modsec_audit.log  modsec_debug.log

tail /var/log/httpd/error_log

[Sat Oct 31 20:22:35 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Oct 31 20:22:36 2009] [notice] ModSecurity for Apache/2.5.10 (http://www.modsecurity.org/) configured.
[Sat Oct 31 20:22:36 2009] [notice] Digest: generating secret for digest authentication …
[Sat Oct 31 20:22:36 2009] [notice] Digest: done
[Sat Oct 31 20:22:37 2009] [notice] Apache/2.2.3 (CentOS) configured — resuming normal operations



REFERENCE

http://secfx.wordpress.com/2009/10/31/modsecurity-installation/