XPC Design

Install mod_security 2 on CentOS/RedHat

This is a translation from Spanish to English, but still the best guide I’ve used so far. Modified slightly to help others but could use more work.

Important: ModSecurity blocks lots of UNIX commands. I had to add dots to them. They are colored red so you know to change them.

This article assumes that you have installed a RedHat Enterprise or CentOS and not guaranteed to work, although we have tested on several CentOS 4.5 with success.

The first thing is make sure we have installed the libxml2 library, for it only have to do a search on our system, if installed normally. (XPC Note: Try “yum install libxml2-devel”)

You can check if it is installed with the command:

rpm -q libxml2

To compile ModSecurity install and need some additional packages, then you can uninstall it because it is not necessary.

The packages needed are:

httpd-devel httpd-devel

apr-devel apr-devel

apr-util-devel apr-util-devel

pcre-devel pcre-devel

In case you miss some package for CentOS can install as follows:

yum install libxml2

yum install httpd-devel

Now go on the mod_security, for this visit the official website ModSecurity to download the latest version. The example shows the version available today, we have to unzip, I recommend downloading everything in / usr / local / share /, for example:

C.D /usr/local/share/

W.G.E.T http://www.modsecurity.org/download/modsecurity-apache_2.1.3.tar.gz

tar zxf modsecurity-apache_2.1.3.tar.gz

Now we have once unzipped edit the Makefile in the directory will be apache2 file just unzip.

(XPC Note: After unzipping go to /apache2 and follow the instructions “Run the configure script to generate a Makefile.” on the ModSecurity documentation.

In this file we must change the line to tell where we have indicated the Apache installed with the development package (httpd-devel) installed before.

top_dir = /usr/lib/httpd

We are now ready to compile and install ModSecurity with the following commands

make

service httpd stop

make install

now in the Apache configuration in / etc / httpd / conf / editing httpd.conf with your favorite editor, I would do this:

joe /etc/httpd/conf/httpd.conf

and look for the module loading area, looking for “LoadModule” (Control + K + F joe).

At the beginning of this section adds:

LoadFile /usr/lib/libxml2.so

And then at the end of this section of apache module loading added:

LoadModule security2_module modules/mod_security2.so

Include conf/modsecurity/*.conf

and immediately made this policy must be updated by doing the following configuration:

M.K.D.I.R /etc/httpd/conf/modsecurity;C.D /etc/httpd/conf/modsecurity

W.G.E.T http://www.modsecurity.org/download/modsecurity-core-rules_2.1-1.4.3.tar.gz

tar zxf modsecurity-core-rules_2.1-1.4.3.tar.gz

rm -f modsecurity-core-rules_2.1-1.4.3.tar.gz

And now you have the default policies, remember that you can adapt them by editing the configuration files you installed for ModSecurity.

Do not forget to restart apache with:

service httpd restart

and of course remove the package that may no longer need to:

rpm -e httpd-devel

rpm -e apr-util-devel

rpm -e apr-devel

rpm -e pcre-devel

Congratulations, now you have mod_security installed on your Apache2 server with CentOS and Plesk panel.

VERY IMPORTANT: If you do not know please delegate this task to your provider or system administrator preferred.

Source: carrero.es (Translated from Spanish to English with Google)