Howto: Enable mod_security in Apache/2.2.23

Posted on Updated on

It is a opensource plafrorm works with apache. Mod security is used to sure sites form several attack’s like  trojans, DDos, generic_attacks, bad_robots, etc, It is good to have filtering system for apache.

Installation :

Downlaod package form official download :

[root@server ~]#wget

Make sure that you have install dependence  packages or installed below package

[root@server ~]#yum install apr-devel
[root@server ~]#yum install pcre-devel

Untar Package and swithc to apache directory.

[root@server ~]#tar zxvf modsecurity-apache_2.5.13.tar.gz
[root@server ~]#cd modsecurity-apache_2.5.13/apache2/

Configure with apr package .

[root@server apache2]#./configure --with-apr=/usr/bin/apr-1-config


[root@server apache2]#./configure --with-apr=/usr/bin/apr


[root@server apache2]# make;make install

Add one line to your configuration to load module. you may find module under /usr/local/apache2/modules/

[root@server apache2]# vi /etc/httpd/conf/httpd.conf

LoadModule security2_module modules/

Start Apache

[root@server apache2]# service httpd restart

Thats it, now you may check the loaded module.

[root@server apache2]# httpd -M |grep security
 Syntax OK
 security2_module (shared)

Also you may try some base rules for mode security

mkdir -p /etc/modsecurity2/base_rules/
cd /etc/modsecurity2/base_rules/
vi /etc/httpd/conf/httpd.conf
<IfModule mod_security2.c>
# ModSecurity2 config file.
Include /etc/modsecurity2/base_rules/*conf

Restart Apache

Enjoy 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s