ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

How to install Mood-security in linux?

user-image
تم إضافة السؤال من قبل مستخدم محذوف‎
تاريخ النشر: 2013/07/16
Muhammad Anzar
من قبل Muhammad Anzar , DevOps/DevSecOps Architect , Confidential

1. Modsecuirty source files download from the website and compile from the extracted directory

2. Copy the modsecurity configuration file to apache configuration directory

3. Enable modules in configuration file

4. Add rules one by one in configuration file and verify the rules are executing properly

5. Verify the apache configuration through apachectl -t

6. If everything working, restart apache server

 

Sajan Kumar
من قبل Sajan Kumar , Technical Leader (Tech Lead) , EduAlert Services Pvt Ltd

Dear Farhan, Its not mood security, its mod-security for apache / nginx.
i don't know whether which distro you are using.
anyway you can use the following commands with little change.
First you need to install dependencies: ## For RHEL/CentOS6.2/6.1/6/5.8 ## # yum install gcc make # yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel ## For Fedora17,16,15,14,13,12 ## # yum install gcc make # yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel Secondly, I prefer to download and build from source, since production machines require performance.
## For RHEL/CentOS6.2/6.1/6/5.8 ## # cd /usr/src # wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz # tar xzf modsecurity-apache_2.6.6.tar.gz # cd modsecurity-apache_2.6.6 # ./configure # make install # cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf ## For Fedora17,16,15,14,13,12 ## # cd /usr/src # wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz # tar xzf modsecurity-apache_2.6.6.tar.gz # cd modsecurity-apache_2.6.6 # ./configure # make install # cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf Third, you have to download the rules for OWASP ## For RHEL/CentOS6.2/6.1/6/5.8 ## # cd /etc/httpd/ # wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz # tar xzf modsecurity-crs_2.2.5.tar.gz # mv modsecurity-crs_2.2.5 modsecurity-crs # cd modsecurity-crs # cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf ## For Fedora17,16,15,14,13,12 ## # cd /etc/httpd/ # wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz # tar xzf modsecurity-crs_2.2.5.tar.gz # mv modsecurity-crs_2.2.5 modsecurity-crs # cd modsecurity-crs # cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf Forthly, need to configure apache: # vi /etc/httpd/conf/httpd.conf add LoadModule security2_module modules/mod_security2.so at the end add basic rules filter Include modsecurity-crs/modsecurity_crs_10_config.conf Include modsecurity-crs/base_rules/*.conf Fifthly, restart the apache server: # /etc/init.d/httpd restart I hope I got answered you query.
Regards, Sajan.S

المزيد من الأسئلة المماثلة