Mod security: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Mernits (talk | contribs)
No edit summary
Mernits (talk | contribs)
No edit summary
Line 7: Line 7:
cd /tmp
cd /tmp


sudo wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.4.tar.gz
sudo wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz


sudo tar -zxvf modsecurity-crs_2.2.4.tar.gz
sudo tar zxf modsecurity-crs_2.2.5.tar.gz


sudo cp -R modsecurity-crs_2.2.4/* /etc/modsecurity/
sudo cp -R modsecurity-crs_2.2.5/* /etc/modsecurity/


sudo rm modsecurity-crs_2.2.4.tar.gz
sudo rm modsecurity-crs_2.2.5.tar.gz


sudo rm modsecurity-crs_2.2.4 -r
sudo rm modsecurity-crs_2.2.5 -r


sudo mv /etc/modsecurity/modsecurity_crs_10_config.conf.example  /etc/modsecurity/modsecurity_crs_10_config.conf
sudo mv /etc/modsecurity/modsecurity_crs_10_config.conf.example  /etc/modsecurity/modsecurity_crs_10_config.conf
#To enable rulesets create /etc/apache2/conf.d/modsecurity.conf file with following content:
#To enable rulesets create /etc/apache2/conf.d/modsecurity.conf file with following content:
<ifmodule mod_security2.c>
<ifmodule mod_security2.c>

Revision as of 12:39, 17 October 2012

sudo apt-get update
sudo apt-get install libxml2 libxml2-dev libxml2-utils
sudo apt-get install libapache2-modsecurity
ln -sf /usr/lib/x86_64-linux-gnu/libxml2.so.2 /usr/lib/libxml2.so.2
sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
cd /tmp

sudo wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz

sudo tar zxf modsecurity-crs_2.2.5.tar.gz

sudo cp -R modsecurity-crs_2.2.5/* /etc/modsecurity/

sudo rm modsecurity-crs_2.2.5.tar.gz

sudo rm modsecurity-crs_2.2.5 -r

sudo mv /etc/modsecurity/modsecurity_crs_10_config.conf.example  /etc/modsecurity/modsecurity_crs_10_config.conf


#To enable rulesets create /etc/apache2/conf.d/modsecurity.conf file with following content:
<ifmodule mod_security2.c>
SecRuleEngine On
</ifmodule>


sudo a2enmod mod-security
sudo service apache2 restart

https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project