More actions
No edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 4: | Line 4: | ||
<pre>sudo apt install apache2-dev gcc libxml2 libxml2-dev libpcre3-dev</pre> | <pre>sudo apt install apache2-dev gcc libxml2 libxml2-dev libpcre3-dev</pre> | ||
If you already have <code>libapache2-mod-security2</code> installed via apt then disable and uninstall it. | |||
<pre> | |||
sudo a2dismod security2 | |||
sudo apt purge libapache2-mod-security2 | |||
</pre> | |||
Then fetch the latest tarball from their github releases page and compile it using normal make cmds. Finally, make sure to enable the module and restart Apache. | |||
https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.7 | https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.7 | ||
Latest revision as of 21:45, 17 July 2024
Overview
Going to be compiling mod_security2 (v2.9.7) for Apache2 on Ubuntu 22.04. This module is pretty straight forward to compile. However, there are some dependencies.
sudo apt install apache2-dev gcc libxml2 libxml2-dev libpcre3-dev
If you already have libapache2-mod-security2 installed via apt then disable and uninstall it.
sudo a2dismod security2 sudo apt purge libapache2-mod-security2
Then fetch the latest tarball from their github releases page and compile it using normal make cmds. Finally, make sure to enable the module and restart Apache.
https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.7
sudo su cd /opt wget https://github.com/owasp-modsecurity/ModSecurity/releases/download/v2.9.7/modsecurity-2.9.7.tar.gz tar -xzvf modsecurity-2.9.7.tar.gz cd modsecurity-2.9.7 ./configure --with-apxs=/usr/bin/apxs make make install echo 'LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so' > /etc/apache2/mods-available/security2.load a2enmod security2 systemctl restart apache2
Then you should be able to see mod security enabled and working in the Apache error logs.
[Wed Jul 17 19:25:21.038359 2024] [security2:notice] [pid 1929:tid 140275463350144] ModSecurity for Apache/2.9.7 (http://www.modsecurity.org/) configured. [Wed Jul 17 19:25:21.038434 2024] [security2:notice] [pid 1929:tid 140275463350144] ModSecurity: APR compiled version="1.7.0"; loaded version="1.7.0" [Wed Jul 17 19:25:21.038447 2024] [security2:notice] [pid 1929:tid 140275463350144] ModSecurity: PCRE compiled version="8.39 "; loaded version="8.39 2016-06-14" [Wed Jul 17 19:25:21.038449 2024] [security2:notice] [pid 1929:tid 140275463350144] ModSecurity: LIBXML compiled version="2.9.13" [Wed Jul 17 19:25:21.038549 2024] [security2:notice] [pid 1929:tid 140275463350144] ModSecurity: StatusEngine call: "2.9.7,Apache/2.4.52 (Ubuntu),1.7.0/1.7.0,8.39/8.39 2016-06-14,(null),2.9.13,e013612419474187e43b03a4f546e0736dc12934"
Additional Resources
Please see their official handbook for more details on compiling this module.
Also be sure to run ./configure --help for more information about how to compile this for your system.