hi,
Any tips or links on how to install mod_security with iworx .
thanks
???
Installation of apache module mod_security
(check last version at GitHub - SpiderLabs/ModSecurity: ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence. website)
yum install libxml2 libxml2-devel curl-devel pcre-devel gcc-c++
mkdir extras
cd extras
wget GitHub - SpiderLabs/ModSecurity: ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
tar -zxvf modsecurity-apache_2.5.12.tar.gz
cd modsecurity-apache_2.5.12/apache2/
/etc/init.d/httpd stop ( optional… )
./configure
make
make mlogc
make install
vi /etc/httpd/conf/httpd.conf
Above all of the LoadModule directives add:
LoadFile /usr/lib64/libxml2.so
Add after “LoadModules” section:
LoadModule security2_module /usr/lib64/httpd/modules/mod_security2.so
save file
Create directory where rules should be created:
mkdir /etc/httpd/conf.d/modsecurity
And install default rules:
cd /etc/httpd/conf.d/modsecurity
cp /root/extras/modsecurity-apache_2.5.12/rules/base_rules/modsecurity_* .
cp /root/extras/modsecurity-apache_2.5.12/rules/modsecurity_crs_10_config.conf /etc/httpd/conf.d/modsecurity/
Copy modsecurity.conf-minimal to apache conf.d directory:
cp /root/extras/modsecurity-apache_2.5.12/modsecurity.conf-minimal /etc/httpd/conf.d/modsecurity2.conf
Edit /etc/httpd/conf.d/modsecurity2.conf
vi /etc/httpd/conf.d/modsecurity2.conf
and add the following lines at the end of the file:
<ifmodule security2_module>
Include /etc/httpd/conf.d/modsecurity/*.conf
</ifmodule>
Save,
test apache startup:
/etc/init.d/httpd configtest
If no errors, restart apache
/etc/init.d/httpd restart
Great Paulo!
I founbd out that mod_sec2 break some flash applications in my clients accounts, for some reason.
–> Finished Dependency Resolution
gcc-4.1.2-48.el5.i386 from base has depsolving problems
–> Missing Dependency: glibc-devel >= 2.2.90-12 is needed by package gcc-4.1.2-48.el5.i386 (base)
Error: Missing Dependency: glibc-devel >= 2.2.90-12 is needed by package gcc-4.1.2-48.el5.i386 (base)
[QUOTE=onspot;17275]Great Paulo!
I founbd out that mod_sec2 break some flash applications in my clients accounts, for some reason.[/QUOTE]
You could create a .htaccess on that host account with
<ifmodule>SecFilterInheritance Off </ifmodule>
[I]
[/I]
[QUOTE=m1010;17279]–> Finished Dependency Resolution
gcc-4.1.2-48.el5.i386 from base has depsolving problems
–> Missing Dependency: glibc-devel >= 2.2.90-12 is needed by package gcc-4.1.2-48.el5.i386 (base)
Error: Missing Dependency: glibc-devel >= 2.2.90-12 is needed by package gcc-4.1.2-48.el5.i386 (base)[/QUOTE]
you could try to install glibc-devel
yum install glibc-devel
The howto was to a 64bit version and it seems you’re on a 32bits CentOS, so dont forget to change the lib’s paths replace “/usr/lib64” by “/usr/lib” to meet your system
Regards
yum install glibc-devel
Excluding Packages in global exclude list
Finished
Setting up Install Process
No package glibc-devel available.
Nothing to do
Hi,
you coult try “yum update” or “yum upgrade” to check everything is uptodate and then install it
Regards