How to set up MOD_SECURITY?

 Log in to your server

Log in to mCloud portal, open the main page of your server and then follow these steps:

  1. Click Console.
  2. Enter your username: "root".
  3. Enter your password (to see your password, click Show under Root password).

Install EPEL

While MOD_SECURITY is not available in the official CentOS package repository, it is packaged for the EPEL project. EPEL, standing for Extra Packages for Enterprise Linux, can be installed with a release package that is available from CentOS:

yum install epel-release

Install MOD_SECURITY

After installing EPEL, enter the following command to install MOD_SECURITY:

# yum install mod_security mod_security_crs

Confirm the installation was successful by opening the configuration file:

cat /etc/httpd/conf.d/mod_security.conf

Now check if the SecRuleEngine is set to "on":

SecRuleEngine on

If so, restart Apache:

systemctl restart httpd

Finally, in order to check if MOD_SECURITY is active, check the Apache error logs where you should see something like this:

[Sat Mar15 16 09:20:58 2018] [notice] ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/) configured. [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: APR compiled version=”1.3.9″; loaded version=”1.3.9″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: PCRE compiled version=”7.8 “; loaded version=”7.8 2008-09-05″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: LUA compiled version=”Lua 5.1″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: LIBXML compiled version=”2.7.6″

Important files to remember

  • Mod Security configuration file– /etc/httpd/conf.d/mod_security.conf
  • Debug Log – /var/log/httpd/modsec_debug.log
  • Audit log – /var/log/httpd/modsec_audit.log
  • Rules – /etc/httpd/modsecurity.d/activated_rules


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 2964