mod_security (first post, i win)

For the sake of getting the first post, I have a tool for the InterWorx-CP suite that some may be interested in. I’ve made up a SRPM for mod_security, which is a security-minded URL filter of sorts for Apache. We haven’t had many requests for this but in the spirit of thinking ahead I thought everyone may want to check it out.

This has been tested on our internal boxes ONLY, and is BETA. YOU HAVE BEEN FOREWARNED!!

Now that that’s out of the way it’s been working fine on our test boxes so feel free to give it a whirl.

The mod_security homepage is at:

Install the mod on any interworx-cp box by doing:

rpmbuild --rebuild --with < your arch here >
rpm -ivh /usr/redhat/bin/mod_security-1.8.4-100.iworx.rpm

the “< your arch here >” part is where you distro descriptor goes. Here’s a list of htem:

RedHat 9     = rht9x
CentOS 3.x   = cos3x
Fedora 1     = fdr10
Fedora 2     = fdr20
White Box    = whb3x

So, for a redhat 9 box just do:

rpmbuild --rebuild --with rht90
rpm -ivh /usr/redhat/bin/mod_security-1.8.4-100.iworx.rpm


enjoy ;).



Just before install it, I’d like to know what do you enter under the <IfModule mod_security.c> in the httpd.conf

Does it update httpd.conf, and/or others /domaine.conf automaticly ?


it puts a file in the conf.d directory named security.conf that you can edit to your needs.


Chris mentioned you still have mod_security available. What’s the latest version you have available? yum doesn’t seem to see anything.

Nevermind. I only see 1.8.4 in the CentOS Binaries.

Going to add 1.8.6? :slight_smile:

I’m sure they will get to it, but I think they’re prety busy right now finishing InterWorx 1.9. :wink:

Yeah but I’m greedy :slight_smile: I wouldn’t use mod_security at all (and really didn’t want to) but I know I’m going to want some of the scrubbing features soo…

Just updated it to 1.8.6:


Thanks :slight_smile: I’ll update now. Still might just stick with mod_rewrite though :slight_smile:

I was curious if there had been any update on the mod_Security project for Iworx? It looks like a good security addition and a worthy addition to a virtual hosted machine in aid of client security.

Any news on it?

It can be added independantly of iworx-cp but isn’t “integrated” at this point in time. It may be in the future.


That’s an up to date rpm, and has been working fine for me. (CentOS 4.x)

Then if you like check out for a LARGE amount of rules to add.


Any x64 rpm, out there ? :wink: … the install still works the same way for CentOS 4.4 (x64) / iworx 2.1.3 ?