Install ModSecurity:
If your Ubuntu is 64bit, you need to fix a bug:
Configure ModSecurity:
Enable the rule engine:
Increase the request body size limit to 10Mb(Optional, only if your site accepts uploads):
Check the ModSecurity version:
The installed ModSecurity version is:
Install
OWASP ModSecurity Core Rule Set:
sudo
apt-get
install
libxml2 libxml2-dev libxml2-utils libaprutil1 libaprutil1-dev libapache-mod-security
|
sudo
ln
-s
/usr/lib/x86_64-linux-gnu/libxml2
.so.2
/usr/lib/libxml2
.so.2
|
sudo
mv
/etc/modsecurity/modsecurity
.conf-recommended
/etc/modsecurity/modsecurity
.conf;
sudo
vi
/etc/modsecurity/modsecurity
.conf
|
SecRuleEngine On
|
SecRequestBodyLimit 10000000
SecRequestBodyInMemoryLimit 10000000
|
dpkg -s libapache-mod-security |
grep
Version
|
Version: 2.6.3-1ubuntu0.2
|
- Download the rule set(version 2.2.5 because the latest version requires ModSecurity 2.7.0+):
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/v2.2.5 -O/tmp/owasp.tar.gz - Extract the package:
cd/tmp;tar-zxvf owasp.tar.gz;rmowasp.tar.gz - Copy the directory to /etc/modsecurity, and set the permissions:
sudomvSpiderLabs-owasp-modsecurity-crs-5c28b52//etc/modsecurity/owasp-crssudochmod-R 644/etc/modsecurity/owasp-crs - Link the rules to /etc/modsecruity/owasp-crs/activated_rules directory:
sudomv/etc/modsecurity/owasp-crs/modsecurity_crs_10_setup.conf.example/etc/modsecurity/owasp-crs/modsecurity_crs_10_setup.confcd/etc/modsecurity/owasp-crs/activated_rules/sudoln-s ../modsecurity_crs_10_setup.confforfin$(ls../base_rules/);dosudoln-s ../base_rules/$f;doneforfin$(ls../optional_rules/);dosudoln-s ../optional_rules/$f;done - Modify /etc/apache2/mods-available/mod-security.conf to include the rules:
Add the following line:
sudovi/etc/apache2/mods-available/mod-security.confInclude "/etc/modsecurity/owasp-crs/activated_rules/*.conf" - Enable headers module:
This to fix the following error:
sudoa2enmod headerswhen restarting apache2.Syntax error on line 29 of /etc/apache2/conf.d/modsecurity/optional_rules/modsecurity_crs_49_header_tagging.conf:Invalid command 'RequestHeader', perhaps misspelled or defined by a module not included in the server configurationAction 'configtest' failed.The Apache error log may have more information....fail!
sudo
a2enmod mod-security;
sudo
/etc/init
.d
/apache2
restart
|
