How to Install ModSecurity on Ubuntu 20.4.1
- 00:42 lsb_release -a
- 00:54 apt-get install libapache2-mod-security2
- 01:08 apachectl -M | grep --color security
- 02:51 mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
- 03:00 vim /etc/modsecurity/modsecurity.conf
- 03:28 systemctl restart apache2
- 03:53 vim /etc/apache2/mods-enabled/security2.conf
- 04:26 systemctl restart apache2
To Install Modsecurity on Ubuntu 20.4.1
Introduction:
Mod security is a free Apache module that is used to secure our web server from various attacks including SQL injection, cross site scripting, session hijacking, brute force, and other exploits. It also permits us to monitor traffic on a real-time basis. Check OS version by using the below command
root@linuxhelp:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.1 LTS
Release: 20.04
Codename: focal
You can install mod security using the following command:
root@linuxhelp:~# apt-get install libapache2-mod-security2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
apache2-bin libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap liblua5.1-0 liblua5.2-0 modsecurity-crs
Suggested packages:
apache2-doc apache2-suexec-pristine | apache2-suexec-custom lua geoip-database-contrib ruby python
The following NEW packages will be installed:
apache2-bin libapache2-mod-security2 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap liblua5.1-0
check if the mod_security module is running, use the following command You should see a module named security2_module (shared) which indicates that the module was loaded.
root@linuxhelp:~# apachectl -M | grep --color security
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
enable the mod_security rules, you need to rename and edit the mod security recommended configuration file and set the SecRuleEngine option to On For this run the following command:
root@linuxhelp:~# mv /etc/modsecurity/modsecurity.conf-recommended/ /etc/modsecurity/modsecurity.conf/
root@linuxhelp:~# vim /etc/modsecurity/modsecurity.conf
Add/edit the following line in the above opened file:
SecRuleEngine On
Now restart Apache for the changes to take effect.
root@linuxhelp:~# systemctl restart apache2
There are lot of security rules that come with Modesecurity (called the Core Rule Set) that are located in the “/usr/share/modsecurity-crs” directory. Now you need to enable these rules to get it working with Apache.
root@linuxhelp:~# vim /etc/apache2/mods-enabled/security2.conf
Add/edit the following line:
IncludeOptional “/usr/share/modsecurity-crs/*.con”
IncludeOptional “/usr/share/modsecurity-crs/base_rules/*.conf
Save the file and restart the Apache service.
root@linuxhelp:~# systemctl restart apache2
With this method Installation of modsecurity on Ubuntu 20.4.1 comes to an end.
Comments ( 0 )
No comments available