Page 1 of 2 12 LastLast
Results 1 to 20 of 35

Thread: how can I install mod security?

  1. #1
    Join Date
    Aug 2009
    Posts
    4

    Question how can I install mod security?

    hello,
    how ican install mod_security in directadmin ?
    please help me.
    thanks....

  2. #2
    Join Date
    Mar 2005
    Posts
    5,270
    This does not look like a How-To Guide to me. Please do not post in the wrong sub forum.
    Floyd Morrissette Little Creek Solutions
    Web Hosting Solutions. XEN Virtual Private Servers, VMWare .....
    DirectAdmin Administration and Support
    Our focus is on quality customer support

  3. #3
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Moved to System-Level Technical Discussion.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  4. #4
    Join Date
    Aug 2007
    Posts
    43
    This worked for me on centos 5.2 using info elsewhere on the DA forums and modsecurity site


    For info see http://www.modsecurity.org/documenta...tallation.html


    download latest files from http://www.modsecurity.org/download/index.html

    wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz

    tar xzvf modsecurity-apache_2.5.9.tar.gz

    cd modsecurity-apache_2.5.9/apache2

    ./configure
    make
    make test
    make install

    mkdir -p /etc/modsecurity2/base_rules/
    cd /etc/modsecurity2/base_rules/
    wget http://www.modsecurity.org/download/...5-1.6.1.tar.gz

    vi /etc/httpd/conf/httpd.conf

    after load php module, add...

    #mod_sec
    LoadModule security2_module /usr/lib/apache/mod_security2.so

    and at end of file...

    <IfModule mod_security2.c>
    # ModSecurity2 config file.
    #
    Include /etc/modsecurity2/base_rules/*conf
    </IfModule>

    then compile into apache with custombuild


    cd /usr/local/directadmin/custombuild

    mkdir -p custom/ap2

    cp configure/ap2/configure.apache custom/ap2/configure.apache
    
vi custom/ap2/configure.apache

    and add...

    "--with-mod_security2"

    then...

    ./build clean 

    ./build apache

  5. #5
    Join Date
    Aug 2007
    Posts
    51
    Include /etc/modsecurity2/base_rules/*conf

    shall i create the conf dir and put all the rules files inside it

    or what ?!

  6. #6
    Join Date
    Oct 2009
    Posts
    1

    it worked ;-)

    thanks jonathanc
    what you stated worked flawlessly for me.

    I been spending the day trying to install this and every tutorial i found didnt work for me i always got it installed but got errors when i restarted apache.
    (Apache not being able to run or access some files I had to state in httpd.conf)

    I been getting multible doS attacks, and this is the only steps that worked for me, I have directadmin, and centOS.

  7. #7
    Join Date
    May 2009
    Posts
    3

  8. #8
    Join Date
    Jan 2008
    Location
    /dev/null
    Posts
    702
    To a look for 'update.script', that can install mod_security also for you.
    Why most people reboot the server when they have a problem

  9. #9
    Join Date
    Sep 2010
    Posts
    59
    Quote Originally Posted by jonathanc View Post
    This worked for me on centos 5.2 using info elsewhere on the DA forums and modsecurity site


    For info see http://www.modsecurity.org/documenta...tallation.html


    download latest files from http://www.modsecurity.org/download/index.html

    wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz

    tar xzvf modsecurity-apache_2.5.9.tar.gz

    cd modsecurity-apache_2.5.9/apache2

    ./configure
    make
    make test
    make install

    mkdir -p /etc/modsecurity2/base_rules/
    cd /etc/modsecurity2/base_rules/
    wget http://www.modsecurity.org/download/...5-1.6.1.tar.gz

    vi /etc/httpd/conf/httpd.conf

    after load php module, add...

    #mod_sec
    LoadModule security2_module /usr/lib/apache/mod_security2.so

    and at end of file...

    <IfModule mod_security2.c>
    # ModSecurity2 config file.
    #
    Include /etc/modsecurity2/base_rules/*conf
    </IfModule>

    then compile into apache with custombuild


    cd /usr/local/directadmin/custombuild

    mkdir -p custom/ap2

    cp configure/ap2/configure.apache custom/ap2/configure.apache
    
vi custom/ap2/configure.apache

    and add...

    "--with-mod_security2"

    then...

    ./build clean 

    ./build apache

    This worked for me this morning. CentOS 5.5 Linode VM.

  10. #10
    Join Date
    Nov 2010
    Posts
    65
    Few things missing:

    1)
    mkdir -p /etc/modsecurity2/base_rules/
    cd /etc/modsecurity2/base_rules/
    wget http://www.modsecurity.org/download/...5-1.6.1.tar.gz
    Remember to untar it - in base_rule directory there should be *.conf files. Latest core files are located at http://sourceforge.net/projects/mod-...crs/0-CURRENT/

    2) in file /usr/local/directadmin/custombuild
/custom/ap2/configure.apache remember about trailing backslash - syntax shoul be:

    Code:
    [...]
    "--enable-proxy" \
    "--enable-expires" \
    "--with-ssl=/usr" \
    "--enable-headers" \
    "--with-mod_security2"

    3) customize log path in config - change
    Code:
    SecAuditLog logs/modsec_audit.log
    into
    Code:
    SecAuditLog /var/log/modsec_audit.log
    and

    Code:
    SecDebugLog             logs/modsec_debug.log
    to
    Code:
    SecDebugLog             /var/log/modsec_debug.log
    or whatever suits you

  11. #11
    Join Date
    Feb 2011
    Posts
    38
    After installing I get
    httpd: Syntax error on line 176 of /etc/httpd/conf/httpd.conf: Syntax error on line 133 of /root/modsecurity-apache_2.5.13/rules/base_rules/modsecurity_40_generic_attacks.data: /root/modsecurity-apache_2.5.13/rules/base_rules/modsecurity_40_generic_attacks.data:170: <input> was not closed.\n/root/modsecurity-apache_2.5.13/rules/base_rules/modsecurity_40_generic_attacks.data:133: <![cdata[> was not closed.

  12. #12
    Join Date
    Jan 2011
    Posts
    18
    Quote Originally Posted by jonathanc View Post
    This worked for me on centos 5.2 using info elsewhere on the DA forums and modsecurity site


    For info see http://www.modsecurity.org/documenta...tallation.html


    download latest files from http://www.modsecurity.org/download/index.html

    wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz

    tar xzvf modsecurity-apache_2.5.9.tar.gz

    cd modsecurity-apache_2.5.9/apache2

    ./configure
    make
    make test
    make install

    mkdir -p /etc/modsecurity2/base_rules/
    cd /etc/modsecurity2/base_rules/
    wget http://www.modsecurity.org/download/...5-1.6.1.tar.gz

    vi /etc/httpd/conf/httpd.conf

    after load php module, add...

    #mod_sec
    LoadModule security2_module /usr/lib/apache/mod_security2.so

    and at end of file...

    <IfModule mod_security2.c>
    # ModSecurity2 config file.
    #
    Include /etc/modsecurity2/base_rules/*conf
    </IfModule>

    then compile into apache with custombuild


    cd /usr/local/directadmin/custombuild

    mkdir -p custom/ap2

    cp configure/ap2/configure.apache custom/ap2/configure.apache
    
vi custom/ap2/configure.apache

    and add...

    "--with-mod_security2"

    then...

    ./build clean 

    ./build apache
    For Debian users that might be interested in installing mod_security: Following this guide worked for me on Debian 5 64-bit. I normally install mod_security a little bit different on Ubuntu however this worked fine.

    I had to move the logs to /var/log though in order for it to work, but that's pretty much it.

    Anyways. I need to do some LocationMatch to remove the security rules for a couple of files. Where do i go about adding these? In httpd.conf?

    I want to add:
    <LocationMatch "(/path/to/script.php)">
    SecRuleRemoveById xxxxxx
    </LocationMatch>

  13. #13
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    Quote Originally Posted by Atavoo View Post
    Where do i go about adding these? In httpd.conf?
    Noooooooooooo!

    Add them to /etc/httpd/conf/security/modsecurity_crs_48_local_exceptions.conf
    or to the custom vhost if it only applies to a domain
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  14. #14
    Join Date
    Jan 2011
    Posts
    18
    Quote Originally Posted by interfasys View Post
    Noooooooooooo!

    Add them to /etc/httpd/conf/security/modsecurity_crs_48_local_exceptions.conf
    or to the custom vhost if it only applies to a domain
    Thanks! Created that config file in /etc/modsecurity2/base_rules and it seems to work.

  15. #15
    Join Date
    Sep 2010
    Posts
    46

    Question

    hi
    i installed the mod_security in DA . how I can know that mod_security successfully installed ?
    i dont see mod_security in the DA plugins . where i can see it ?
    tnx

  16. #16
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,482
    Quote Originally Posted by DaNgErOuS View Post
    i dont see mod_security in the DA plugins . where i can see it ?
    tnx
    Theres no plug-ins, to see if its loaded, look for it in the phpinfo(); command.
    Regards, Peter
    UK Web Hosting - Professional & Reliable Shared and VPS Hosting! Offering DirectAdmin licences on our VPS's

  17. #17
    Join Date
    Sep 2010
    Posts
    46

    Question

    i see th e phpinfo va command part .
    which keyword i search that find mod_security in it ?
    tnx

  18. #18
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,482
    Under apache2handler and beside Loaded Modules
    Regards, Peter
    UK Web Hosting - Professional & Reliable Shared and VPS Hosting! Offering DirectAdmin licences on our VPS's

  19. #19
    Join Date
    Sep 2010
    Posts
    46

    Question

    i dont find it .
    what is the module name that loaded in apache ?
    i need thats module name
    another question
    where is the mod_Security log files ?
    tnx

  20. #20
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,482
    I manually added it to /etc/httpd/conf/httpd-includes.conf with
    Code:
    LoadFile /usr/local/lib/libxml2.so
    LoadModule security2_module     /usr/lib/apache/mod_security2.so
    <IfModule mod_security2.c>
    Include /etc/modsecurity2/*.conf
    </IfModule>
    Then put the rules in /etc/modsecurity2/

    If you can't see it in phpinfo (see attached), its not loaded.
    Attached Images Attached Images
    Regards, Peter
    UK Web Hosting - Professional & Reliable Shared and VPS Hosting! Offering DirectAdmin licences on our VPS's

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 11-17-2012, 08:10 AM
  2. Time for a re-think of DA's install security defaults
    By IT_Architect in forum Feedback & Feature Requests
    Replies: 56
    Last Post: 05-29-2012, 02:21 PM
  3. help how to install nobody check security tool
    By adamp in forum DirectAdmin General Discussion
    Replies: 6
    Last Post: 03-20-2012, 03:55 AM
  4. mod security install problem
    By alpus in forum Installation / System Requirements
    Replies: 2
    Last Post: 06-14-2008, 02:50 PM
  5. Few Security Issues With Fresh Install
    By txt3rob in forum System-Level Technical Discussion
    Replies: 5
    Last Post: 03-20-2008, 09:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •