{"id":2053,"date":"2012-01-11T14:30:22","date_gmt":"2012-01-11T14:30:22","guid":{"rendered":"http:\/\/www.theprojectxblog.net\/?p=2053"},"modified":"2012-01-11T14:30:22","modified_gmt":"2012-01-11T14:30:22","slug":"how-to-secure-your-apache-2-x-web-server-with-modsecurity-in-linux","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=2053","title":{"rendered":"How to Secure Your Apache 2.x Web Server With ModSecurity in Unix\/Linux"},"content":{"rendered":"<p><strong>ModSecurity<\/strong>\u00a0is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance,This WAF can help you to detects and prevents attacks against web applications.<br \/>\n<a href=\"http:\/\/www.ubuntupirates.com\/wp-content\/uploads\/2011\/11\/mod.png\"><img decoding=\"async\" title=\"mod\" src=\"http:\/\/www.ubuntupirates.com\/wp-content\/uploads\/2011\/11\/mod.png\" alt=\"modsecurity\" width=\"288\" height=\"99\" \/><\/a><\/p>\n<ul>\n<li>Cross-Site Scripting (XSS)<\/li>\n<li>Backdoors Detection<\/li>\n<li>Trojans<\/li>\n<li>ASP\/PHP Injection<\/li>\n<li>SQL &amp; Command Injection, etc.<\/li>\n<\/ul>\n<p>In this guide we will help you install the mod_security module on a web server running Ubuntu\/Debian.\u00a0For Debian, you have to login as root.\u00a0ModSecurity works only with Apache 2 and \u00a0higher.<br \/>\n<!--more--><br \/>\n<strong>Installation<\/strong><br \/>\n1. To install ModSecurity on Ubuntu, open the terminal (Ctrl+Alt+T) and run this command:<\/p>\n<pre>sudo apt-get install libapache2-modsecurity<\/pre>\n<p>2. Create now directory for ModSecurity in the Apache2 folder:<\/p>\n<pre>sudo mkdir \/etc\/apache2\/modsecurity<\/pre>\n<p>3. Create now the configuration file for ModSecurity, which will be loaded by Apache, using this command:<\/p>\n<pre>sudo gedit \/etc\/apache2\/conf.d\/modsecurity.conf<\/pre>\n<p>Add the following code, save and exit.<\/p>\n<pre>## \/etc\/init.d\/apache2\/conf.d\/modsecurity.conf\nInclude modsecurity\/*.conf<\/pre>\n<p>4. ModSecurity rules using these two commands:<\/p>\n<pre>cd \/etc\/apache2\/modsecurity\nsudo cp -R \/usr\/share\/modsecurity-crs\/base_rules\/* .<\/pre>\n<p>5. Modified and correct the line \u00a0in the modsecurity_crs_20_protocol_violations.conf file.<\/p>\n<pre>sudo gedit \/etc\/apache2\/modsecurity\/\nmodsecurity_crs_20_protocol_violations.conf<\/pre>\n<p><strong>We need to replace this line:<\/strong><\/p>\n<pre>SecRule REQBODY_ERROR \"!@eq 0\" \nwith this one:\nSecRule REQBODY_PROCESSOR_ERROR \"!@eq 0\" <\/pre>\n<p>Save and exit.<br \/>\n6. Restart now the Apche web server.<\/p>\n<pre>sudo \/etc\/init.d\/apache2 restart<\/pre>\n<p>7. To verify if the ModSecurity module is loaded in Apache.<\/p>\n<pre>cat \/var\/log\/apache2\/error.log | grep modsecurity<\/pre>\n<p>The output must be like this:<br \/>\nModSecurity for Apache\/2.6.0 (URL) configured.<br \/>\nVisit Official Link:\u00a0<strong><a title=\"ModSecurity\" href=\"http:\/\/www.modsecurity.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">ModSecurity<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ModSecurity\u00a0is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance,This WAF can help you to detects and prevents attacks against web applications. Cross-Site Scripting (XSS) Backdoors Detection Trojans ASP\/PHP Injection SQL &amp; Command Injection, etc. In this guide we will help you install the mod_security module<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,508],"tags":[503,504,505,506,30,507,34,509,37],"class_list":["post-2053","post","type-post","status-publish","format-standard","hentry","category-linux","category-php-and-website-security","tag-apache2","tag-aspphp-injection","tag-backdoors-detection","tag-cross-site-scripting-xss","tag-debian","tag-mod-security","tag-security","tag-sql-command-injection","tag-trojans"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2053","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2053"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2053\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2053"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2053"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2053"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}