shaz
5th February 2005, 01:04 PM
Hi,
I want to install mod_security in my webserver I am using apache2 which is installed with RPM. But the procedure to install mod_security is using source code. and the procedure for mod_security installation is
# cd /usr/local/src
# tar zxf mod_security-1.8.tar.gz
# cd mod_security-1.8/apache1
# /etc/httpd/bin/apxs -iac mod_security.c
6.2) Configuring mod_security
The following configuration is what I would use for a webserver. However, you can read the documentation and tweak mod_security to your needs. There are many things you can do with this module. One of the biggest advantages of mod_security is its ability to be configured differently per virtual host. In this case, you can have one general configuration that applies to all hosts and you could also add more directives on an insecure virtualhost, if necessary. Again, copy-paste the following into the end of httpd.conf:
<ifmodule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit_log
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log
SecFilterSelective REQUEST_METHOD "!^GET$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilter "../"
SecFilter /etc/password
SecFilter /etc/group
SecFilter /etc/shadow
SecFilter /bin/ls
SecFilter "delete[:space:]+from"
SecFilter "insert[:space:]+into"
SecFilter "update[:space:]+set"
SecFilter "select.+from"
SecFilterSelective OUTPUT "Fatal error:" deny,status:500
</ifmodule>
Want to find out what each line does? Read mod_security documentation. To test mod_security, The above configuration was tested on a production server.
But, in my server there is no apxs file or command. Can any body help me in installation of this module?
I want to install mod_security in my webserver I am using apache2 which is installed with RPM. But the procedure to install mod_security is using source code. and the procedure for mod_security installation is
# cd /usr/local/src
# tar zxf mod_security-1.8.tar.gz
# cd mod_security-1.8/apache1
# /etc/httpd/bin/apxs -iac mod_security.c
6.2) Configuring mod_security
The following configuration is what I would use for a webserver. However, you can read the documentation and tweak mod_security to your needs. There are many things you can do with this module. One of the biggest advantages of mod_security is its ability to be configured differently per virtual host. In this case, you can have one general configuration that applies to all hosts and you could also add more directives on an insecure virtualhost, if necessary. Again, copy-paste the following into the end of httpd.conf:
<ifmodule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit_log
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log
SecFilterSelective REQUEST_METHOD "!^GET$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilter "../"
SecFilter /etc/password
SecFilter /etc/group
SecFilter /etc/shadow
SecFilter /bin/ls
SecFilter "delete[:space:]+from"
SecFilter "insert[:space:]+into"
SecFilter "update[:space:]+set"
SecFilter "select.+from"
SecFilterSelective OUTPUT "Fatal error:" deny,status:500
</ifmodule>
Want to find out what each line does? Read mod_security documentation. To test mod_security, The above configuration was tested on a production server.
But, in my server there is no apxs file or command. Can any body help me in installation of this module?
