by Paramjit

Goto terminal and follow the given below process.

1. sudo apt-get -y install libapache-mod-security.

2. Using any editor, make a file “/etc/apache2/conf.d/modsecurity2.conf” and put the following contents in the file.

<ifmodule mod_security2.c>
Include conf.d/modsecurity/*.conf

3. By default, mod_security logs to /etc/apache2/logs, the following commands will put the log in /var/log/apache2/mod_security and create a symbolic link back to /etc/apache2/logs

sudo mkdir /var/log/apache2/mod_security
sudo ln -s /var/log/apache2/mod_security/ /etc/apache2/logs

4. Download and install rules
sudo mkdir /etc/apache2/conf.d/modsecurity
cd /etc/apache2/conf.d/modsecurity
sudo wget
sudo tar xzvf modsecurity-core-rules_2.5-1.6.1.tar.gz
sudo rm CHANGELOG LICENSE README modsecurity-core-rules_2.5-1.6.1.tar.gz

5. Enable mod_security:
sudo a2enmod mod-security

6. Now restart Apache
/etc/init.d/apache2 restart

7. If you want to disable mod_security you need to add following command into /etc/apache2/conf.d/modsecurity2.conf
<ifmodule mod_security2.c>
SecRuleEngine Off

7. if you want to disable mode_security for a specific site then add following command into /etc/apache2/sites-enabled/
<IfModule mod_security2.c>
SecRuleEngine Off

8. How to test modsecurity working or not
Nikto Site:
Download nikto:

tar zxvf nikto-current.tar.gz
@b05s05ur:/home/paramjit/nikto-2.1.4# perl -h

Install and configure apache mod_secure

Leave a Reply

Your email address will not be published. Required fields are marked *