Thursday, November 26, 2009

INSTALL MOD SECURITY ModSecurity (Web Application Firewall)


ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella – shielding applications from attacks. ModSecurity supports both branches of the Apache web server.

The module filters, and optionally rejects, incoming requests based on a number of different criteria like CGI variables, HTTP headers, environment variables, and even individual script parameters. mod_security can also create an audit log, storing full request details in a separate file, including POST payloads (the audit feature can be turned on or off on a per-server or per-directory basis).


Step 1:You need install Microsoft Visual C++ 2008 Redistributable Package (x86) (if you use Apache in window).

If you use can install from source as:


#tar -xvzf modsecurity-apache_2.5.11.tar.gz

#cd modsecurity-apache_2.5.11

#./configure;make;make install

you can install It by yum if you use RHEL or CENTOS


Step 2:Configure

copy libxml2.dll to folder bin in folder Apache(/etc/httpd/)if you use window

Step 3:edit file httpd.conf


  LoadModule unique_id_module modules/ 

Add this line at the bottom of Load Modules section:
LoadModule security2_module modules/

Step 4:Test you change signature"SecServerSignature "IIS/7.5" " of webserver to IIS/7.5 and access to apache

No comments:

Post a Comment