2014-08-05

mod_security installation in ubuntu with owasp core rule sets


This document covers configuring an Apache server with mod_security and the OWASP core rule sets (with Ubuntu as the OS).
The OWASP core rule sets are very hard to bypass, and server admins can use them to defend a server against common attacks.
+---------------------------------------------------------------------------------------------------------------------------------------------------------------+
I performed the steps given below on Ubuntu 12


so let's start
enter the directory /etc/apache2
cd /etc/apache2

download mod security source code and owasp core rule sets

command is
===================================
mod security source code
wget https://www.modsecurity.org/tarball/2.8.0/modsecurity-2.8.0.tar.gz

owasp core rule sets
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/master.zip
===================================
extract mod security source code
command is
tar -xzf modsecurity-2.8.0.tar.gz

enter into source code directory
cd modsecurity-2.8.0/

we need to install libxml2-dev package to avoid "configure: error: libxml2 library is required" during mod security source code compilation
command is
apt-get install libxml2-dev

now we will start compiling the mod security source code
but first make sure the configure file has execute permission
ls -l configure
if it doesn't have execute permission
run command
chmod +x configure
ok, lets start
execute command
./configure

if everything went fine (meaning no errors), move to the next step
execute command
make install
after that, copy the modsecurity config file to the directory from which apache reads extra config files
execute this command on terminal
cp modsecurity.conf-recommended /etc/apache2/conf.d/modsecurity.conf
create unicode.mapping in conf.d directory :p (to avoid error during apache reload after integrating rules with apache)
command is
touch /etc/apache2/conf.d/unicode.mapping

ok, time to move to owasp mod security core rule sets
unzip the core rule sets

cd /etc/apache2/ && unzip master.zip

rename the extracted directory (owasp mod security rule set) to a simpler name
I am renaming owasp-modsecurity-crs-master to modsecurity-crs
command is

mv owasp-modsecurity-crs-master/ modsecurity-crs

enter into modsecurity-crs directory and generate a copy of modsecurity crs setup file

cd modsecurity-crs/ && cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf

open modsecurity.conf to define how mod security behaves when a request comes to the server

nano /etc/apache2/conf.d/modsecurity.conf
change the value of SecRuleEngine to On
SecRuleEngine On

change SecRequestBodyAccess to Off if you don't want to check the POST request body (which is not advisable, because a POST request may also contain a malicious request in it :p )
SecRequestBodyAccess On


now open the apache main config file to include the owasp rules files in it

nano /etc/apache2/apache2.conf
scroll down to the end of the file and add the following lines

<IfModule security2_module>
Include modsecurity-crs/modsecurity_crs_10_setup.conf
Include modsecurity-crs/base_rules/*.conf
</IfModule>

now load mod security module
open file
nano /etc/apache2/mods-available/mod_security2.load
and add this text
LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so

enter the directory /etc/apache2/mods-enabled
and create a symlink to the /etc/apache2/mods-available/mod_security2.load file in that directory
command is
cd /etc/apache2/mods-enabled && ln -s ../mods-available/mod_security2.load mod_security2.load

load mod_unique_id (it is required for mod security)
command is

cd /etc/apache2/mods-enabled && ln -s ../mods-available/unique_id.load unique_id.load

and now, before restarting apache with mod security, it is time to check whether the apache config is correct or not
execute command
apache2ctl configtest
if it doesn't generate any error, our apache config file is correct and we can restart our apache server to launch it with mod security >:D<

execute command service apache2 restart to restart apache server

and wot wot 3:) now our apache server is loaded with hardest security rules :D

mod security logs will be saved in file
/var/log/modsec_audit.log
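
To confirm that the two modsecurity.conf edits described above took effect, the following check (an added example, not part of the original post) reports the effective SecRuleEngine and SecRequestBodyAccess values. The function names are hypothetical, the sample config is constructed, and it assumes a single flat file with no Include lines or per-location overrides.

```shell
#!/bin/sh
# Added example (not from the original post): audit the two settings edited above.
# Assumes one flat config file, no Include lines or per-location overrides.

# Print the effective value of directive $2 in file $1
# (last uncommented occurrence wins, names are case-insensitive).
modsec_directive() {
    awk -v want="$2" '
        { sub(/\r$/, "") }                        # tolerate CRLF line endings
        /^[ \t]*#/ { next }                       # skip commented-out lines
        tolower($1) == tolower(want) { val = $2 }
        END { if (val != "") print val }
    ' "$1"
}

# Return 0 only when rules are enforced and request bodies are inspected.
modsec_audit() {
    rc=0
    engine=$(modsec_directive "$1" SecRuleEngine | tr 'A-Z' 'a-z')
    body=$(modsec_directive "$1" SecRequestBodyAccess | tr 'A-Z' 'a-z')
    case $engine in
        on)            echo "OK   SecRuleEngine On: matching requests are blocked" ;;
        detectiononly) echo "WARN SecRuleEngine DetectionOnly: logged, never blocked"; rc=1 ;;
        *)             echo "FAIL SecRuleEngine is '${engine:-unset}': rules are not enforced"; rc=1 ;;
    esac
    case $body in
        on) echo "OK   SecRequestBodyAccess On: POST bodies are inspected" ;;
        *)  echo "FAIL SecRequestBodyAccess is '${body:-unset}': POST bodies skip the rules"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample input: the state before the SecRuleEngine edit.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample, not a full modsecurity.conf
SecRuleEngine DetectionOnly
SecRequestBodyAccess On
#SecRuleEngine On
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
modsec_audit "$sample" || echo "=> edit the file as described above, then re-run"
rm -f "$sample"
```

On the server, call modsec_audit /etc/apache2/conf.d/modsecurity.conf before the apache2ctl configtest step; a non-zero exit status means one of the two settings is not in its enforcing state.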

if you have any issue using this tutorial, please let me know :)
Thank you


-==[[Love to]]==--
zero Cool ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,Reborn India,L0rd Crus4d3r,AR AR,Hackuin,Mannu, ViKi, Hardeep singh, Bhuppi,Mohit, Ffe, Anju, RR Mam, Acchi bacchi(Jagriti) and DON

© 2009 Start With Linux | Mannu Linux