Install ModSecurity on Apache
sudo apt-get install libapache2-mod-security2
Restart Apache:
/etc/init.d/apache2 restart
Verify that the version of ModSecurity is 2.8.0 or higher:
apt-cache show libapache2-mod-security2
OWASP ModSecurity Core Rule Set
The following steps are for Debian-based distributions. File paths and commands for RHEL will differ slightly.
Move and change the name of the default ModSecurity file:
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
Install git if needed:
sudo apt install git
Download the OWASP ModSecurity CRS from GitHub:
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
Navigate into the downloaded directory. Move and rename crs-setup.conf.example to crs-setup.conf. Then move rules/ as well.
cd owasp-modsecurity-crs
mv crs-setup.conf.example /etc/modsecurity/crs-setup.conf
mv rules/ /etc/modsecurity/
The IncludeOptional directive in the ModSecurity module configuration file should match the path used above (/etc/modsecurity/). Add another Include directive below it, pointing to the rule set:
<IfModule security2_module>
# Default Debian dir for modsecurity's persistent data
SecDataDir /var/cache/modsecurity
# Include all the *.conf files in /etc/modsecurity.
# Keeping your local configuration in that directory
# will allow for an easy upgrade of THIS file and
# make your life easier
IncludeOptional /etc/modsecurity/*.conf
Include /etc/modsecurity/rules/*.conf
</IfModule>
Restart Apache so that the changes will take effect:
/etc/init.d/apache2 restart
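To confirm that the steps above left every file where the include directives expect it, the following added example (not part of the original page or of the ModSecurity or CRS projects) checks the moved files and both include lines, and reports the SecRuleEngine mode. The function names are hypothetical, and the default module configuration path /etc/apache2/mods-enabled/security2.conf is an assumption for Debian.

```bash
#!/usr/bin/env bash
# Added example: check the layout produced by the steps on this page.
# check_crs_layout and has_directive are hypothetical helper names.
# Assumption: Debian enables the module via mods-enabled/security2.conf.

# has_directive FILE NAME ARG: succeeds if FILE has an uncommented "NAME ARG" line.
has_directive() {
    awk -v n="$2" -v a="$3" '$1 == n && $2 == a { f = 1 } END { exit !f }' "$1" 2>/dev/null
}

check_crs_layout() {
    local dir="${1:-/etc/modsecurity}"
    local modconf="${2:-/etc/apache2/mods-enabled/security2.conf}"
    local rc=0 f mode

    # Files the mv steps should have put in place.
    for f in "$dir/modsecurity.conf" "$dir/crs-setup.conf"; do
        if [ -f "$f" ]; then echo "ok: $f"; else echo "MISSING: $f"; rc=1; fi
    done

    # "mv rules/" must have delivered at least one rule file.
    if ls "$dir"/rules/*.conf >/dev/null 2>&1; then
        echo "ok: rule files in $dir/rules"
    else
        echo "MISSING: no *.conf files in $dir/rules"; rc=1
    fi

    # Both include lines must be present and not commented out.
    has_directive "$modconf" IncludeOptional "$dir/*.conf" ||
        { echo "MISSING: IncludeOptional $dir/*.conf in $modconf"; rc=1; }
    has_directive "$modconf" Include "$dir/rules/*.conf" ||
        { echo "MISSING: Include $dir/rules/*.conf in $modconf"; rc=1; }

    # Report the engine mode; only "On" makes ModSecurity block requests.
    mode=$(awk '$1 == "SecRuleEngine" { m = $2 } END { print m }' \
        "$dir/modsecurity.conf" 2>/dev/null) || mode=""
    echo "SecRuleEngine: ${mode:-not set}"

    return "$rc"
}

# Check the live system only when invoked with --live.
if [ "${1:-}" = "--live" ]; then check_crs_layout; fi
```

A reported SecRuleEngine value of DetectionOnly means rule matches are logged but requests are not blocked.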