Linux penguin

How to install mod_security in DirectAdmin

How to install mod_security in DirectAdmin.
I’ve installed this in CentOS 5.6 just now. Just follow the instruction below.

# cd /usr/local/src

# mkdir modsecurity2

Find the latest version from
[adrotate banner=”1″]

# wget

# perl -pi -e ‘s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf

# perl -pi -e ‘s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf

# perl -pi -e ‘s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf

# tar -zvxf modsecurity-apache_2.5.13.tar.gz

# cd modsecurity-apache_2.5.13

# cd apache

# ./configure

# make

# make test

# make install

[root@server apache2]# make install
build/apxs-wrapper -i
/var/www/build/ SH_LIBTOOL=’/var/www/build/libtool’ /usr/lib/apache
/var/www/build/libtool –mode=install cp /usr/lib/apache/
cp .libs/ /usr/lib/apache/
cp .libs/mod_security2.lai /usr/lib/apache/
cp .libs/mod_security2.a /usr/lib/apache/mod_security2.a
chmod 644 /usr/lib/apache/mod_security2.a
ranlib /usr/lib/apache/mod_security2.a
PATH=”$PATH:/sbin” ldconfig -n /usr/lib/apache
Libraries have been installed in:

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR’
flag during linking and do at least one of the following:
– add LIBDIR to the `LD_LIBRARY_PATH’ environment variable
during execution
– add LIBDIR to the `LD_RUN_PATH’ environment variable
during linking
– use the `-Wl,–rpath -Wl,LIBDIR’ linker flag
– have your system administrator add LIBDIR to `/etc/’

See any operating system documentation about shared libraries for
more information, such as the ld(1) and manual pages.
chmod 755 /usr/lib/apache/

Download the newest pre-defined mod_sec ruleset

# cd /usr/local/src/

# wget

# mkdir /etc/modsecurity2/

# mv ./modsecurity-crs_2.1.2/* /etc/modsecurity2/

# cd /etc/modsecurity2/

# mv modsecurity_crs_10_config.conf.example modsecurity_crs_10_config.conf

Now edit the apache files.
[adrotate banner=”2″]
# vi /etc/httpd/conf/httpd.conf

# LoadModule php5_module /usr/lib/apache/
LoadFile /usr/lib64/
LoadModule security2_module /usr/lib/apache/

At the bottom end of httpd.conf, add the following line:

<IfModule security2_module>

Include /etc/modsecurity2/*.conf
Include /etc/modsecurity2/base_rules/*.conf



You have to edit the modsecurity_crs_10_config.conf for the settings.

# vi /etc/modsecurity2/modsecurity_crs_10_config.conf
Put the following lines after

#SecRuleEngine DetectionOnly
SecRuleEngine On
SecDataDir /var/log/httpd/
SecDebugLog /var/log/httpd/modsec-debug.log
SecDebugLogLevel 1

save it, then.

# service httpd restart

You may face few problem that’s
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 18 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib64/ into server: /usr/lib64/ cannot open shared object file: No such file or directory

You could try to

# ln -s /usr/local/lib/ /usr/lib64/


# service httpd restart


Good Luck !


3 thoughts on “How to install mod_security in DirectAdmin”

  1. Could I know why you set up ServerTokens Full and ServerSignature On?
    Is there a specific reason related to the operation of mod_security?

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.