10:25 PM
Unknown
Packages to be pre installed.
yum install gcc make
yum install libxml2 libxml2-devel pcre-devel
if error lexpat (while make install) :
yum install expat expat-devel
Install mod_security
and add this :
yum install gcc make
yum install libxml2 libxml2-devel pcre-devel
if error lexpat (while make install) :
yum install expat expat-devel
cd /usr/src
wget https://www.modsecurity.org/tarball/2.7.5/modsecurity-apache_2.7.5.tar.gz
tar zxvf modsecurity-apache_2.7.5.tar.gz
cd modsecurity-apache_2.7.5
./configure
make install
cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf
Downloading OWASP Mod_Security Core Rule Set :
cd /etc/httpd/
wget http://pkgs.fedoraproject.org/repo/pkgs/mod_security_crs/modsecurity-crs_2.2.5.tar.gz/aaeaa1124e8efc39eeb064fb47cfc0aa/modsecurity-crs_2.2.5.tar.gz
tar zxvf modsecurity-crs_2.2.5.tar.gz
mv modsecurity-crs_2.2.5 modsecurity-crs
cd modsecurity-crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf
OR
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
mv owasp-modsecurity-crs modsecurity-crs
cd modsecurity-crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf
Configuring Mod_Security
vi etc/httpd/conf/extra/httpd-includes.confand add this :
LoadModule security2_module /usr/lib/apache/mod_security2.so
Include conf.d/modsecurity.conf
Include modsecurity-crs/modsecurity_crs_10_config.conf
Include modsecurity-crs/base_rules/*.conf
compile into apache with custombuild :
vi custom/ap2/configure.apache
add this :
"--with-mod_security2"
"--with-mod_security2"
service httpd restart
Posted in: 
0 comments:
Post a Comment