I want to install mod_security in my webserver I am using apache2 which is installed with RPM. But the procedure to install mod_security is using source code. and the procedure for mod_security installation is
# cd /usr/local/src
# tar zxf mod_security-1.8.tar.gz
# cd mod_security-1.8/apache1
# /etc/httpd/bin/apxs -iac mod_security.c
6.2) Configuring mod_security
The following configuration is what I would use for a webserver. However, you can read the documentation and tweak mod_security to your needs. There are many things you can do with this module. One of the biggest advantages of mod_security is its ability to be configured differently per virtual host. In this case, you can have one general configuration that applies to all hosts and you could also add more directives on an insecure virtualhost, if necessary. Again, copy-paste the following into the end of httpd.conf:
SecFilterForceByteRange 1 255
SecFilterSelective REQUEST_METHOD "!^GET$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecFilterSelective OUTPUT "Fatal error:" deny,status:500
Want to find out what each line does? Read mod_security documentation. To test mod_security, The above configuration was tested on a production server.
But, in my server there is no apxs file or command. Can any body help me in installation of this module?