How to Configure ModSecurity on Apache

Written by Alex


ModSecurity and mod_evasive are free Apache modules that protect your web server from brute-force and (D)DoS attacks, as well as SQL injection, cross-site scripting, session hijacking, and many others. In other words, the mod_security module acts as a website protector. Both modules can be deployed and integrated into your infrastructure without modifying your internal network.
In this tutorial, I will show you how to install, configure, and integrate ModSecurity and mod_evasive with Apache on CentOS 7.

Installing ModSecurity

1. First, install the EPEL yum repository on the server. Run the command below to install and enable the EPEL repository:

# sudo rpm -ivh

2. After that, install ModSecurity and mod_evasive by running the command below:

# sudo yum --enablerepo=epel install mod_security mod_evasive

3. After installing these modules, verify that mod_evasive is loaded by running the command below:

# sudo httpd -M | grep evasive

4. If mod_evasive is enabled, you will see the output below:

evasive20_module (shared)

5. To test the mod_security module, run:

# sudo httpd -M | grep security

If mod_security is enabled, you will see the output below:

security2_module (shared)

Configure ModSecurity

Now that the installation is complete and verified, you have to install a Core Rule Set (CRS) in order to use mod_security. The CRS provides the web server with a set of rules on how to behave under certain conditions. Download and install the latest OWASP CRS by running the following commands:

# sudo mkdir /etc/httpd/crs
# cd /etc/httpd/crs
# sudo wget
# sudo tar -xvf master
# sudo mv SpiderLabs-owasp-modsecurity-crs-* owasp-modsecurity-crs

Now go to the installed OWASP CRS directory:

# cd /etc/httpd/crs/owasp-modsecurity-crs/

In the OWASP CRS directory, you will find a sample file named modsecurity_crs_10_setup.conf.example. Copy its contents into a new file named modsecurity_crs_10_setup.conf:

# sudo cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf

Now you have to tell Apache to use this file along with the module. Do this by editing Apache's main configuration file:

# sudo nano /etc/httpd/conf/httpd.conf

Add the following lines at the end of the file:

<IfModule security2_module>
    Include /etc/httpd/crs/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
    Include /etc/httpd/crs/owasp-modsecurity-crs/base_rules/*.conf
</IfModule>

Save and close the file, then restart Apache to apply the changes.

# sudo service apache2 restart (Debian/Ubuntu)
# sudo service httpd restart (RHEL/CentOS)

Finally, it is a best practice to create your own configuration file within the modsecurity.d directory.

Create a file named mod_security.conf:

# sudo nano /etc/httpd/modsecurity.d/mod_security.conf

After that, add the following lines:

<IfModule mod_security2.c>
    SecRuleEngine On
    SecRequestBodyAccess On
    SecResponseBodyAccess On
    SecResponseBodyMimeType text/plain text/html text/xml application/octet-stream
    SecDataDir /tmp
</IfModule>

Save and close the file, then restart Apache to apply the changes, as we did above.

# sudo service apache2 restart (Debian/Ubuntu)
# sudo service httpd restart (RHEL/CentOS)
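The script below is an added example, not part of the original tutorial: it audits the mod_security.conf file created above for settings that silently weaken it (SecRuleEngine not set to On, request bodies not inspected, SecDataDir in a world-writable directory, an unclosed <IfModule>). The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the ModSecurity directives this tutorial sets.
# Prints one finding per line; prints nothing when no problem is found.

# Print the last value given for a directive, ignoring comments.
directive_value() {  # $1 = config file, $2 = directive name
    awk -v d="$2" '
        { sub(/#.*/, "") }
        tolower($1) == tolower(d) { v = $2 }
        END { print v }' "$1"
}

audit_modsec_conf() {  # $1 = config file
    conf=$1
    case "$(directive_value "$conf" SecRuleEngine | tr 'A-Z' 'a-z')" in
        on) ;;
        detectiononly) echo "WARN SecRuleEngine DetectionOnly: rules log but never block" ;;
        *) echo "FAIL SecRuleEngine is not On: requests are not filtered" ;;
    esac
    # Without request body access, POST data is never inspected.
    [ "$(directive_value "$conf" SecRequestBodyAccess | tr 'A-Z' 'a-z')" = on ] ||
        echo "FAIL SecRequestBodyAccess is not On: POST bodies are not inspected"
    # Persistent collections should live in a directory only Apache can write.
    case "$(directive_value "$conf" SecDataDir)" in
        /tmp|/tmp/*|/var/tmp|/var/tmp/*)
            echo "WARN SecDataDir is in a world-writable directory" ;;
        '') echo "WARN SecDataDir is not set in this file" ;;
    esac
    # Every <IfModule> needs a closing </IfModule> or Apache will not start.
    open=$(awk '{ sub(/#.*/, "") }
        tolower($0) ~ /^[ \t]*<ifmodule/    { n++ }
        tolower($0) ~ /^[ \t]*<\/ifmodule>/ { n-- }
        END { print n + 0 }' "$conf")
    [ "$open" -eq 0 ] || echo "FAIL unbalanced <IfModule> blocks"
}

# Constructed sample: the tutorial's mod_security.conf with DetectionOnly set
# and the closing tag missing. Audit a real file by passing its path instead.
if [ $# -gt 0 ]; then
    audit_modsec_conf "$1"
else
    sample=$(mktemp)
    printf '%s\n' '<IfModule mod_security2.c>' '    SecRuleEngine DetectionOnly' \
        '    SecRequestBodyAccess On' '    SecDataDir /tmp' > "$sample"
    audit_modsec_conf "$sample"
    rm -f "$sample"
fi
```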

In Conclusion

You have now successfully configured mod_security on the Apache web server. With the configuration above, you can set it up on any Linux-based OS such as CentOS and Red Hat.
