In this tutorial we will show you how to install Mod_Security on CentOS 7. For those of you who didn’t know, ModSecurity is an open source, cross platform web application firewall (WAF) developed by Trustwave’s SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation ModSecurity on a CentOS 7 server.
Install Mod_Security Apache on CentOS 7
Step 1. First, let’s start by ensuring your system is up-to-date.
yum clean all yum -y update
Step 2. Installing Mod_Security Apache on CentOS
Install Dependencies for mod_security:
yum install gcc make httpd-devel libxml2 pcre-devel libxml2-devel curl-devel git
Next, download latest stable release of mod_security source code from their official website to your server:
wget https://www.modsecurity.org/tarball/2.9.3/modsecurity-2.9.3.tar.gz tar xzf modsecurity-apache_2.9.3.tar.gz cd modsecurity-apache_2.9.3 ./configure make install cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf cp unicode.mapping /etc/httpd/conf.d/
Step 3. Configuring Mod_Security.
# nano /etc/httpd/conf/httpd.conf LoadModule security2_module modules/mod_security2.so
Now set the basic rule set in your httpd.conf file. Add the following lines of code at the end of the file:
<IfModule security2_module> Include conf.d/modsecurity.conf </IfModule>
Save the changes and restart Apache:
systemctl restart httpd
Step 4. Download and configure OWASP (Open Web Application Security Project) core rule set for a base configuration.
cd /etc/httpd git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git mv owasp-modsecurity-crs modsecurity-crs cd modsecurity-crs cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf
Open the Apache configuration file again, and add the following lines at the end of the file:
# nano /etc/httpd/conf/httpd.conf Include modsecurity-crs/modsecurity_crs_10_config.conf Include modsecurity-crs/base_rules/*.conf
Next, restart the Apache service to enable mod_security module:
systemctl restart httpd
Congratulation’s! You have successfully installed Mod_Security. Thanks for using this tutorial for installing Mod_Security on CentOS 7 system. For additional help or useful information, we recommend you to check the official ModSecurity website.