Monday, January 10, 2011

Hardening Apache on CentOS 5 with mod_security

Apache can be configured to use "mod_security". Installing it can be quite a daunting task if you are new to Apache, or if you have worked with Apache for a while but have relied only on firewall systems to secure it. mod_security works alongside those as an added layer of defense.

mod_security is not included in the default repos on CentOS 5, so you will have to enable EPEL (Extra Packages for Enterprise Linux) to install it.

Steps:

1. Install the EPEL repos base
# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

2. Install the package
# yum install mod_security


3. Open the /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf file:
# vi /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf

4. Make sure SecRuleEngine is set to "On" so that the web server is protected against attacks:
SecRuleEngine On

5. Turn on other required options and policies as per your requirements. Finally, restart httpd:
# service httpd restart

6. Make sure everything is working:
# tail -f /var/log/httpd/error_log

[Thu Mar 31 03:27:07 2011] [notice] Digest: done
[Thu Mar 31 03:27:08 2011] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Mar 31 03:27:08 2011] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Mar 31 04:10:17 2011] [notice] caught SIGTERM, shutting down
[Thu Mar 31 04:10:18 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Mar 31 04:10:19 2011] [notice] ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/) configured.
[Thu Mar 31 04:10:19 2011] [notice] Digest: generating secret for digest authentication ...
[Thu Mar 31 04:10:19 2011] [notice] Digest: done
[Thu Mar 31 04:10:20 2011] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Mar 31 04:10:20 2011] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
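
The checks in steps 4 and 6 can be scripted, as in this added example (not part of the original post). The function names are hypothetical, the config lines are constructed, and the log lines are copied from the output above; it assumes SecRuleEngine is not overridden in another included file or virtual host.

```bash
#!/bin/bash
# Added example (not from the original post): checks for steps 4 and 6.

# Effective SecRuleEngine value in one config file, lowercased. Commented-out
# lines are ignored and the last active directive is reported (assumption:
# the directive is not overridden in another included file or a vhost).
effective_rule_engine() {
    awk 'tolower($1) == "secruleengine" { v = tolower($2); gsub(/"/, "", v) }
         END { print (v == "" ? "unset" : v) }' "$1"
}

# Succeeds only if the most recent completed startup in the error log printed
# the "ModSecurity for Apache/... configured." notice before resuming.
modsec_loaded_at_last_start() {
    awk '/ModSecurity for Apache\// { seen = 1 }
         /resuming normal operations/ { last = seen; seen = 0 }
         END { exit (last ? 0 : 1) }' "$1"
}

# Report both checks; non-zero exit status if either one fails.
check_modsec() {
    conf=$1; log=$2; rc=0
    engine=$(effective_rule_engine "$conf")
    case $engine in
        on)            echo "OK:   SecRuleEngine is On (blocking)" ;;
        detectiononly) echo "WARN: SecRuleEngine is DetectionOnly (logs only)"; rc=1 ;;
        *)             echo "FAIL: SecRuleEngine is $engine"; rc=1 ;;
    esac
    if modsec_loaded_at_last_start "$log"; then
        echo "OK:   ModSecurity was loaded at the last httpd start"
    else
        echo "FAIL: no ModSecurity notice in the last httpd start"; rc=1
    fi
    return $rc
}

# Sample input so the example runs offline: constructed config lines and
# four log lines from the output shown in step 6.
demo=$(mktemp -d)
printf '%s\n' '# SecRuleEngine Off' 'SecRuleEngine DetectionOnly' 'SecRuleEngine On' > "$demo/crs.conf"
printf '%s\n' \
  '[Thu Mar 31 03:27:08 2011] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations' \
  '[Thu Mar 31 04:10:17 2011] [notice] caught SIGTERM, shutting down' \
  '[Thu Mar 31 04:10:19 2011] [notice] ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/) configured.' \
  '[Thu Mar 31 04:10:20 2011] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations' > "$demo/error_log"
check_modsec "$demo/crs.conf" "$demo/error_log"
```

On a real server, call `check_modsec /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf /var/log/httpd/error_log` instead of the demo files.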


This tutorial is not limited to CentOS. On Debian systems you can use apt-get to install mod_security, or check the site documentation for procedures.
