Ubuntu 10.04 + Apache + Current Mod Security

Introduction

This is designed to be a quick and easy installation for mod-security on Ubuntu 10.04 Server running LAMP. For some strange reason none of the existing guides work quite right, and it just causes a boatload of problems due to the addition of .data files.

Prerequisites

– Ubuntu 10.04 LTS Server (This will likely work on other versions)
– LAMP stack (with Apache 2.2.x)
– subversion, automake, libtool, build-essential, apache2-threaded-dev, libxml2-dev, libcurl4-dev, libreadline5-dev, lua5.1, luarocks
– About 20 minutes

Satisfy Dependencies

sudo apt-get install subversion automake libtool build-essential apache2-threaded-dev libxml2-dev libcurl4-dev libreadline5-dev lua5.1 luarocks

Installing Mod-Security

This method involves downloading the latest version using subversion, however you can get a static download : here
*note : make sure you extract these files or the rest of the procedure probably won’t make sense

Step 1 : Downloading Mod Security (if you used the static download link above you don’t have to do this)

run the following

sudo svn co https://mod-security.svn.sourceforge.net/svnroot/mod-security/m2/trunk modsecurity

Step 2 : Building Mod Security

Now that the most current source is downloaded we must compile and make mod-security.

run the following…

cd modsecurity
./autogen.sh
./configure
sudo make
sudo make install

Step 3 : Enabling Mod Security

Edit httpd.conf and add the following lines

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so
LoadModule security2_module modules/mod_security2.so

Step 4 : Verify Apache2 Starts Without Error

sudo /etc/init.d/apache2 restart

Installing Core Rules Set

Step 1 : Download Current Mod Security CRS

Static Link : Current Mod Security Core Rule Set
*note : again make sure you extract the files.

OR using svn we will do the following

sudo mkdir /etc/apache2/conf/modsecurity
cd /etc/apache2/conf.d/modsecurity
sudo svn co https://mod-security.svn.sourceforge.net/svnroot/mod-security/crs/trunk crs 

Step 2 : Configure rules

Configure your rules any way you need to for your web applications, however at very least you need to do the following.

sudo cp mod_security_crs_10_config.conf.example mod_security_crs_10_config.conf

Then cleanup

sudo rm README CHANGELOG INSTALL LICENSE

Step 3 : Enable Mod Security

Add the following lines to httpd.conf

       <IfModule security2_module>
               Include conf/modsecurity/crs/*.conf
               Include conf/modsecurity/crs/base_rules/*.conf
	       Include conf/modsecurity/crs/activated_rules/*.conf
       </IfModule>

Step 4: Verify Apache restarts

sudo /etc/init.d/apache2 restart

It should : Enjoy mod security!

Comments
  1. […] To learn more about installing mod-security on apache under Ubuntu 10.04 click here. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s