ModSecurity is a free open source web application firewall which can help you to guard against LFI (local file inclusion attacks) and SQL injection vulnerabilities.
CPanel Installation:
Just go to Cpanel WHM > Plugins > Enable Mod_Security > Save
Source Installation:
That should install mod security in your cpanel. Under apache it should show under installed modules if you run test.php with phpinfo() in it. Try adding some mod security rules. Installing mod_security could be sometimes complicated. Dont use apxs for compiling mod_security as it causes number of problems.
Note: Mod_security needs libxml2 and http-devel libraries before it can be installed. It also requires mod_unique_id enabled in apache modules. To install mod_unique_id, you have to place
LoadModule unique_id_module modules/mod_unique_id.so
in your httpd.conf file.
If you cannot find ./configure then you will need to edit Makefile and make change to top_dir = /usr/lib/httpd (for centos)
# /etc/httpd/conf/httpd.conf
Watch for log files to detect any errors or intrusion activity
/var/log/httpd/modsec_audit
/var/log/httpd/error_log
Refer:http://www.mysql-apache-php.com/basic-linux-security.htm
CPanel Installation:
Just go to Cpanel WHM > Plugins > Enable Mod_Security > Save
Source Installation:
That should install mod security in your cpanel. Under apache it should show under installed modules if you run test.php with phpinfo() in it. Try adding some mod security rules. Installing mod_security could be sometimes complicated. Dont use apxs for compiling mod_security as it causes number of problems.
Note: Mod_security needs libxml2 and http-devel libraries before it can be installed. It also requires mod_unique_id enabled in apache modules. To install mod_unique_id, you have to place
LoadModule unique_id_module modules/mod_unique_id.so
in your httpd.conf file.
yum install libxml2 libxml2-devel httpd-devel
Download the latest version of mod_security for apache2 from http://www.modsecurity.orgwget http://www.modsecurity.org/download/modsecurity-apache_2.1.7.tar.gz
tar zxf modsecurity-apache_2.5.4.tar.gz
cd modsecurity-apache_2.5.4
cd apache2
Then tar zxf modsecurity-apache_2.5.4.tar.gz
cd modsecurity-apache_2.5.4
cd apache2
If you cannot find ./configure then you will need to edit Makefile and make change to top_dir = /usr/lib/httpd (for centos)
make
make install
Next, copy the rule files depending on which you want (you can also select minimal rules file which comes with source). Make a directory named modsecurity under /etc/httpd/conf and copy all the modsecurity rules there. Finally include those files in the httpd.conf filemake install
# /etc/httpd/conf/httpd.conf
LoadModule unique_id_module modules/mod_unique_id.so
LoadFile /usr/lib/libxml2.so
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.conf
ThenLoadFile /usr/lib/libxml2.so
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.conf
/etc/init.d/httpd restart
Log FilesWatch for log files to detect any errors or intrusion activity
/var/log/httpd/modsec_audit
/var/log/httpd/error_log
Refer:http://www.mysql-apache-php.com/basic-linux-security.htm
No comments:
Post a Comment