mod security

install mod security then


Add in httpd.conf


 Include /etc/httpd/conf/extra/modsecurity.d/owasp-modsecurity-crs/crs-setup.conf

Include /etc/httpd/conf/extra/modsecurity.d/owasp-modsecurity-crs/rules/*.conf


LoadModule security2_module /usr/local/modsecurity/lib/mod_security2.so

<IfModule mod_security2.c>

Include /etc/httpd/conf/extra/modsecurity.conf

</IfModule>



https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/




Step 1: Downloading OWASP ModSecurity Core Rule Set

The ModSecurity Core Rule Set are being developed under the umbrella of OWASP, the Open Web Application Security Project. The rules themselves are available on GitHub and can be downloaded via git or with the following wget command:

$> cd /apache/conf
$> wget https://github.com/coreruleset/coreruleset/archive/v3.3.0.tar.gz

Installing on Apache

--------------------

    1. Install ModSecurity for Apache

    2. Ensure that ModSecurity is loading correctly by checking error.log

    at start up for lines indicating ModSecurity is installed. An example

    might appear as follows:

    ```ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured.```

    3. The most common method of deploying ModSecurity we have seen is

    to create a new folder underneath the Apache directory (typically

    /usr/local/apache/, /etc/httpd/, or /etc/apache2). Often this folder

    is called 'modsecurity.d'. Create this folder and cd into it.

    4. Download our release from https://coreruleset.org/installation/

    and unpack it into a new owasp-modsecurity-crs folder.

    5. Move the crs-setup.conf.example file to crs-setup.conf.

    Please take the time to go through this file and customize the settings

    for your local environment. Failure to do so may result in false

    negatives and false positives. See the section entitled OWASP CRS

    Configuration for more detail.

    6. Rename rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example and

    rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example to remove the

    '.example' extension. This will allow you to add exclusions without updates

    overwriting them in the future.

  

 7. Add the following line to your httpd.conf/apache2.conf (the following

    assumes you've put CRS into modsecurity.d/owasp-modsecurity-crs). You

    can alternatively place these in any config file included by Apache:

    ```

        <IfModule security2_module>

                Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf

                Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf

    </IfModule>

        ```

    8. Restart web server and ensure it starts without errors

    9. Make sure your web sites are still running fine.

    10. Proceed to the section "Testing the Installation" below.


check mod sec logs in /var/log/mod_Sec.log


Comments

Post a Comment

Popular posts from this blog

cpanel exam CPSP Answers

 Which of the following options best describes the role of Shared Hosting on a web server? Providing hosting for a single website owned by different people on multiple servers. Providing hosting for a single website owned by one person on one server. Providing hosting for multiple websites owned by different people on one server. Providing hosting for multiple websites owned by one person on one server. 3 Which of the following capabilities can a cPanel account user perform easily from within the cPanel account interface without the aid of a system administrator? File and configuration management. Relocating the physical server. Upgrading server hardware and equipment. Installing new database software. 1 File and configuration management. Which of the following options best describes a core benefit to using cPanel & WHM, as a web hosting provider operating on a cPanel & WHM environment? cPanel users are able to create new virtualization resources to help host their web appl...
Read more

How to install zimbra collaboration suite 8.8.11 on CentOS 7

Check system requirements  https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0/Single_Server_Installation#System_Requirements prerequisites Before we get started, here are a few things that are required before we proceed with the installation. A clean installation of Centos 7 A Fully Qualified Domain (FQDN) for your server(Example mail.geekybum.com) An external DNS server with both A and MX records for your server to point to your Zimbra mail server IP Address A static IP Address assigned to network interface. Step 1: Root login to server through SSH Step 2: Install required packages for zimbra coloboration suite installation yum -y install unzip net-tools sysstat openssh-clients perl-core libaio nmap-ncat libstdc++.so Initial server setup To get started we need to configure a hostname for our server and a static IP address. vi /etc/hosts 135.125.30.56 mail.geekybum.com mail Replace the system hostname and FQDN values accordingly in order to match your ow...
Read more

awstats installation

Set Up AWStats for Nginx on Ubuntu sudo apt-get install awstats add access log file to generate stats using this server { # ... all your other config ... access_log /var/log/nginx/yourdomain.com.access.log ; # ... all your other config ... } /etc/nginx/sites-available vi awstats.parleproducts.com.conf cd /etc/awstats/ vi awstats.parleproducts.com.conf #path to your nginx log file LogFile="/var/log/nginx/parleproducts.com.access.log" # Domain of your vhost SiteDomain="parleproducts.com" # Directory where to store the awstats data DirData="/var/lib/awstats/" # Other domains/subdomain you want included from your logs, for example the www subdomain HostAliases="www.parleproducts.com" # If you customized your log format above add this line: LogFormat = ""%host %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot"" # If you did not, uncomment and use this line: #...
Read more