Linux PHP and Website Security

How to Secure Your Apache 2.x Web Server With ModSecurity in Unix/Linux

ModSecurity is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance,This WAF can help you to detects and prevents attacks against web applications.

modsecurity

  • Cross-Site Scripting (XSS)
  • Backdoors Detection
  • Trojans
  • ASP/PHP Injection
  • SQL & Command Injection, etc.

In this guide we will help you install the mod_security module on a web server running Ubuntu/Debian. For Debian, you have to login as root. ModSecurity works only with Apache 2 and  higher.

Installation

1. To install ModSecurity on Ubuntu, open the terminal (Ctrl+Alt+T) and run this command:

2. Create now directory for ModSecurity in the Apache2 folder:

3. Create now the configuration file for ModSecurity, which will be loaded by Apache, using this command:

Add the following code, save and exit.

4. ModSecurity rules using these two commands:

5. Modified and correct the line  in the modsecurity_crs_20_protocol_violations.conf file.

We need to replace this line:

Save and exit.

6. Restart now the Apche web server.

7. To verify if the ModSecurity module is loaded in Apache.

The output must be like this:

ModSecurity for Apache/2.6.0 (URL) configured.

Visit Official Link: ModSecurity

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply