Bayt.com

Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

How to install Mood-security in linux?

how to install Mood-security in linux?

Linux Database Linux Security Linux Server Linux Tools
user-image
Question added by Deleted user
Date Posted: 2013/07/16
Upvote (2) Views (8) Followers (0) Answers (2) Report Question
Write an Answer
Register now or log in to answer.
Muhammad Anzar
by Muhammad Anzar , DevOps/DevSecOps Architect , Confidential

1. Modsecuirty source files download from the website and compile from the extracted directory

2. Copy the modsecurity configuration file to apache configuration directory

3. Enable modules in configuration file

4. Add rules one by one in configuration file and verify the rules are executing properly

5. Verify the apache configuration through apachectl -t

6. If everything working, restart apache server

 

Sajan Kumar
by Sajan Kumar , Technical Leader (Tech Lead) , EduAlert Services Pvt Ltd

Dear Farhan, Its not mood security, its mod-security for apache / nginx.
i don't know whether which distro you are using.
anyway you can use the following commands with little change.
First you need to install dependencies: ## For RHEL/CentOS6.2/6.1/6/5.8 ## # yum install gcc make # yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel ## For Fedora17,16,15,14,13,12 ## # yum install gcc make # yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel Secondly, I prefer to download and build from source, since production machines require performance.
## For RHEL/CentOS6.2/6.1/6/5.8 ## # cd /usr/src # wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz # tar xzf modsecurity-apache_2.6.6.tar.gz # cd modsecurity-apache_2.6.6 # ./configure # make install # cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf ## For Fedora17,16,15,14,13,12 ## # cd /usr/src # wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz # tar xzf modsecurity-apache_2.6.6.tar.gz # cd modsecurity-apache_2.6.6 # ./configure # make install # cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf Third, you have to download the rules for OWASP ## For RHEL/CentOS6.2/6.1/6/5.8 ## # cd /etc/httpd/ # wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz # tar xzf modsecurity-crs_2.2.5.tar.gz # mv modsecurity-crs_2.2.5 modsecurity-crs # cd modsecurity-crs # cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf ## For Fedora17,16,15,14,13,12 ## # cd /etc/httpd/ # wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz # tar xzf modsecurity-crs_2.2.5.tar.gz # mv modsecurity-crs_2.2.5 modsecurity-crs # cd modsecurity-crs # cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf Forthly, need to configure apache: # vi /etc/httpd/conf/httpd.conf add LoadModule security2_module modules/mod_security2.so at the end add basic rules filter Include modsecurity-crs/modsecurity_crs_10_config.conf Include modsecurity-crs/base_rules/*.conf Fifthly, restart the apache server: # /etc/init.d/httpd restart I hope I got answered you query.
Regards, Sajan.S

Write Your Answer
More Questions Like This