askwrite Posted June 20, 2014 Report Share Posted June 20, 2014 (edited) ModSecurityModSecurity is an Open Source Web Application project (Apache module) that aims to secure web applications running on webservers and block penetration or hacking attempts investigating in the body of http requests. It provides intrusion detection and prevention for web applications and aims at shielding web applications from attacks like SQL injections, cross-site scripting and path traversal attacks ...About Apache modulesThe Apache WebServer is a modular application where the user can choose the functionality to include in the server by selecting desired modules. Modules can be either statically compiled into the httpd binary when the server is built or compiled as Dynamic Shared Objects (DSOs) separately from the main httpd binary file. DSO modules may be compiled at the time the server is built, or they may be compiled and added at a later time using the Apache Extension Tool (apxs). After a module is compiled into a DSO, it will have an extension like mod.so.Installing mod-securityMod-security can be installed with apt-get manager on Debian, or on Fedora system Yum can be used. First, we'll update apt-get source database:LinuxBox# apt-get update Ign Index of / lenny Release.gpg Ign Index of /debian lenny/main Translation-en Hit Debian -- Security Information squeeze/updates Release.gpg Ign Debian -- Security Information squeeze/updates/contrib Translation-en Ign Debian -- Security Information squeeze/updates/contrib Translation-en_US Ign Index of /debian lenny/main Translation-en_US Hit Index of / squeeze Release.gpg Ign Index of /debian squeeze/main Translation-en Ign Index of /debian squeeze/main Translation-en_US Ign Index of / lenny Release Ign Debian -- Security Information squeeze/updates/main Translation-en Ign Debian -- Security Information squeeze/updates/main Translation-en_US Hit Debian -- Security Information squeeze/updates Release Hit Index of / squeeze Release ... .. .After updating source list, we can install mod-security:LinuxBox# apt-get install libapache-mod-security Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: liblua5.1-0 mod-security-common The following NEW packages will be installed: libapache-mod-security liblua5.1-0 mod-security-common 0 upgraded, 3 newly installed, 0 to remove and 73 not upgraded. Need to get 1,158 kB of archives. After this operation, 3,490 kB of additional disk space will be used. Do you want to continue [Y/n]? ... .. . Setting up libapache-mod-security (2.5.12-1) ... Reloading web server config: apache2.In /etc/apache2/mods-available/ we can find available apache modules and mod-security:LinuxBox# ls /etc/apache2/mods-available/ | grep mod mod-security.load LinuxBox#(In /etc/apache2/mods-enbled are located symlinks on modules which are enabled)Enabling or disabling Apache modulesOnce apache module is installed we can enable it with a2dismod, or disable it with a2dismod command, after which we have to restart the Apache server with "/etc/init.d/apache2 restart" command:LinuxBox# a2dismod mod-security && /etc/init.d/apache2 restart Module mod-security disabled. Run '/etc/init.d/apache2 restart' to activate new configuration! Restarting web server: apache2 ... waiting . LinuxBox# a2enmod mod-security && /etc/init.d/apache2 restart Enabling module mod-security. Run '/etc/init.d/apache2 restart' to activate new configuration! Restarting web server: apache2 ... waiting .Check loaded modulesTo check and see loaded modules, modules which are enabled, apachectl -M can be used:LinuxBox# apachectl -M Loaded Modules: core_module (static) log_config_module (static) logio_module (static) mpm_prefork_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) mime_module (shared) security2_module (shared) negotiation_module (shared) perl_module (shared) php5_module (shared) python_module (shared) reqtimeout_module (shared) setenvif_module (shared) status_module (shared) unique_id_module (shared) Syntax OK LinuxBox#Source:Apache Server security, mod-security, IT Tutorials, Linux tutorials, (ICT) Information Technology Tutorials Edited June 20, 2014 by nedo La rugamintea lui ask Quote Link to comment Share on other sites More sharing options...
