installation and configuration of mod_security in centos

Pranaam to all bhai ji _/\_
Today we are going to learn, how to setup mod_security and configuring it with OWASP core rule sets
mod security is apache server security module which prevent web server from many known security attack by checking client requst and block request if it is contains malicious  data
it is well known and widely used open source web server security module .
but there is important thing , we also need to configure mod_security with core rule set , so that it can check client request for known malicious  data/keywords.i am gonna configure mod_security with OWASP core rule sets
lets start............

mod_security can be installed by using 2 ways
using yum
using tar bal(source)
i am using yum :P
yum package name for mod_security is  mod_security
run command
yum install mod_security


after installation of mod_security, we need to add core rule sets so that it can block malicious request to web server
here is download links for core rule sets

i am going ot use  owasp-modsecurity-core rule sets
download tar file of rule sets using wget command
wget http://pkgs.fedoraproject.org/repo/pkgs/mod_security_crs/owasp-modsecurity-crs-2.2.8.tar.gz/fdee278c02d41a1377dc20a616b2f327/owasp-modsecurity-crs-2.2.8.tar.gz

extract them using command tar -xzf  owasp*

change name of extracted directory  to simple one or you may use original name :)
and place extracted directory of core rule sets to directory  /etc/httpd

enter into core rule set directory , we need to rename modsecurity_crs_10_setup.conf.example to something.conf

i am renaming modsecurity_crs_10_setup.conf.example  to modsecurity_crs_10_setup.conf
using mv command
mv  modsecurity_crs_10_setup.conf.example     modsecurity_crs_10_setup.conf

ok now we need to include these core rule sets into apache configuration file  (/etc/httpd/conf/httpd.conf)
opn file  /etc/httpd/conf/httpd.conf

and add location of core rule set configuration file(modsecurity_crs_10_setup.conf) as well as conf files in base_rule directory under core rule set directory
for example , in mine case core rule set directory name is  modsecurity-crs-2.2.8
config file name is modsecurity_crs_10_setup.conf and it is present under modsecurity-crs-2.2.8  directory
base_rules directory also under modsecurity-crs-2.2.8  directory
so..... add following lines at the end of apache server config file

<IfModule security2_module>
     include    your_core_rule_set_dir/modsecurity_crs_10_setup.conf
     include    your_core_rule_set_dir/base_rules/*.conf
in mine case ,  your_core_rule_set_dir  is  modsecurity-crs-2.2.8

oooooooooooook , restart apache server and see the magic

and here is magic :D
i have a SQL injection vulnerable website on my system and what hapened when i tried to inject SQL command :P

aaahaaa :D mod security is blocking SQL injection ^_^
this was tutorial on how to setup mod_security and configuring it
Thank you
Greetz to :- Guru ji Zero , code breaker ica, Aasim shaikh,Reborn, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,Hardeep bhai,Mannu,Viki and AR AR bhai ji <3
Share this post


:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

© 2009 Start With Linux | Mannu Linux
Designed by cyb3r.gladiat0r
Posts RSSComments RSS
Back to top