Mod_security is an apache module it works as a web application layer firewall that helps to protect your website from various attacks. Mod_Security is used to block commonly known exploits by use of regular expressions and rule sets. Through this article you can install ModSecurity on Apache Ubuntu Server.
Install ModSecurity Ubuntu Server.
Install the dependencies/prerequisite. As below:
#apt-get install libxml2 libxml2-dev libxml2-utils
#apt-get install libaprutil1 libaprutil1-dev
#apt-get install libaprutil1 libaprutil1-dev
The 64Bit Os have bug so you need to do as below.
#ln -s /usr/lib/x86_64-linux-gnu/libxml2.so.2 /usr/lib/libxml2.so.2
Now install ModSecurity
#apt-get install libapache-mod-security
Configure ModSecurity rules.
First of all enable the rules by editing the SecRuleEngine option and set to On.
#vi /etc/modsecurity/modsecurity.conf
SecRuleEngine On
Then install modsecurity-crs rules
#apt-get install modsecurity-crs
If you want to update request limit to 16 MB do as below :
SecRequestBodyLimit 16384000
SecRequestBodyInMemoryLimit 16384000
SecRequestBodyInMemoryLimit 16384000
Enabled Mod-Security and restart Apache
#a2enmod headers
#sudo a2enmod mod-security
#service apache2 restart
#sudo a2enmod mod-security
#service apache2 restart
I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry since more than 14 years.
