How to install mod_security in DirectAdmin

How to install mod_security in DirectAdmin.
I’ve installed this in CentOS 5.6 just now. Just follow the instruction below.

# cd /usr/local/src

# mkdir modsecurity2

Find the latest version from

http://www.modsecurity.org/download/

# wget http://www.modsecurity.org/download/modsecurity-apache_2.5.13.tar.gz

# perl -pi -e ‘s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf

# perl -pi -e ‘s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf

# perl -pi -e ‘s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf

# tar -zvxf modsecurity-apache_2.5.13.tar.gz

# cd modsecurity-apache_2.5.13

# cd apache

# ./configure

# make

# make test

# make install

Sample:
[[email protected] apache2]# make install
build/apxs-wrapper -i mod_security2.la
/var/www/build/instdso.sh SH_LIBTOOL=’/var/www/build/libtool’ mod_security2.la /usr/lib/apache
/var/www/build/libtool –mode=install cp mod_security2.la /usr/lib/apache/
cp .libs/mod_security2.so /usr/lib/apache/mod_security2.so
cp .libs/mod_security2.lai /usr/lib/apache/mod_security2.la
cp .libs/mod_security2.a /usr/lib/apache/mod_security2.a
chmod 644 /usr/lib/apache/mod_security2.a
ranlib /usr/lib/apache/mod_security2.a
PATH=”$PATH:/sbin” ldconfig -n /usr/lib/apache
———————————————————————-
Libraries have been installed in:
/usr/lib/apache

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR’
flag during linking and do at least one of the following:
– add LIBDIR to the `LD_LIBRARY_PATH’ environment variable
during execution
– add LIBDIR to the `LD_RUN_PATH’ environment variable
during linking
– use the `-Wl,–rpath -Wl,LIBDIR’ linker flag
– have your system administrator add LIBDIR to `/etc/ld.so.conf’

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
———————————————————————-
chmod 755 /usr/lib/apache/mod_security2.so

Download the newest pre-defined mod_sec ruleset
https://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/

# cd /usr/local/src/

# wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.1.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fmod-security%2Ffiles%2Fmodsecurity-crs%2F0-CURRENT%2F&ts=1303319614&use_mirror=cdnetworks-kr-2

# mkdir /etc/modsecurity2/

# mv ./modsecurity-crs_2.1.2/* /etc/modsecurity2/

# cd /etc/modsecurity2/

# mv modsecurity_crs_10_config.conf.example modsecurity_crs_10_config.conf

Now edit the apache files.

# vi /etc/httpd/conf/httpd.conf

After:
# LoadModule php5_module /usr/lib/apache/libphp5.so
LoadFile /usr/lib64/libxml2.so.2
LoadModule security2_module /usr/lib/apache/mod_security2.so

At the bottom end of httpd.conf, add the following line:

<IfModule security2_module>

Include /etc/modsecurity2/*.conf
Include /etc/modsecurity2/base_rules/*.conf

</IfModule>

 

You have to edit the modsecurity_crs_10_config.conf for the settings.

# vi /etc/modsecurity2/modsecurity_crs_10_config.conf
Put the following lines after

#SecRuleEngine DetectionOnly
SecRuleEngine On
SecDataDir /var/log/httpd/
SecDebugLog /var/log/httpd/modsec-debug.log
SecDebugLogLevel 1

save it, then.

# service httpd restart

You may face few problem that’s
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 18 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib64/libxml2.so into server: /usr/lib64/libxml2.so: cannot open shared object file: No such file or directory

You could try to

# ln -s /usr/local/lib/libxml2.so.2 /usr/lib64/libxml2.so

Then

# service httpd restart

Again.

Good Luck !


Tags: , ,
  • Why are you changing Apache’s signatures?

  • because don’t let other people know so much of it.

  • Michele

    Could I know why you set up ServerTokens Full and ServerSignature On?
    Is there a specific reason related to the operation of mod_security?

Translate

Buy me a Caffè Latte

Thank you for the Caffè Latte

2013/02/15 saw art
2013/01/25 Parul Patel
2012/11/20 Barbara Nicholas $10
2012/10/08 Amy Stockman $5
2012/07/15 siewho chang $ 50
2012/06/08 Susan Hampton $10
2012/05/11 Chris Grima $10