Setting up ModSecurity - Paiet/SEC-440-Webmin GitHub Wiki
How to Set Up ModSecurity with Apache on Debian/Ubuntu
ModSecurity is a web application firewall (WAF) for Apache HTTP Server. It is a rules engine that inspects requests and processes them accordingly before responding to the client. It can be used with other WAF solutions like the HTTP Header WAF, or as a stand-alone solution. This Guide will see how to set up ModSecurity with Apache on Debian/Ubuntu. To know more about Apache, check out our other guide here. The steps mentioned in this guide are general. Therefore, ensure you have the latest version of Apache and its related packages on your system before proceeding.
If you'll be performing this procedure on a Debian/Ubuntu system, run through the following checklist:
--
Installing Apache Web Server On Debian/Ubuntu
1. Install Apache webserver
2. Install mod-security firewall
3. Restart Apache service
4. Verify mod-security installation
--
Enable and Start Apache Web Server
You must start Apache before proceeding. To do so, run the following commands in the terminal:
sudo update-rc.d apache2 defaults
sudo service apache2 start
--
Install ModSecurity On Debian/Ubuntu
1. Install the apache2-utils package with the command:
sudo apt-get install apache2-utils
Note: If your system is Ubuntu, use apt instead of apt-get.
2. Create a directory for ModSecurity configuration files and change the apache user's privilege to read and write on this directory:
mkdir /etc/modsecurity sudo chown -R apache:apache /etc/modsecurity
3. Create a backup of Apache SSL certificate and key files so that you can restore them later if needed:
cd /etc; sudo openssl s_client -connect localhost:443 -showcerts