1. Comment by atp1082

    the steps failed and caused apache2 to fail to boot.
    error locating file mod_security2.so
    I followed the steps to the letter using apache2 and modsecurity 2.1.1

  2. Comment by Mathieu Dessus

    What is your exact error message ?
    If it is something like “cannot open shared object file: No such file or directory”, make sure that the path to the module if correct. Otherwise.. let us know.

  3. Comment by Alex

    Thanks, man! It’s working for Ubuntu 6.06 and Apache 2.0. I was so disappointed that the latest modsecurity didn’t make it into Ubuntu packaging due to licensing issues. This article brought me to the up-n-running point in no time.

  4. Comment by tux821

    This is how it worked for my Debian Etch:

    Add source for Debian Etch in /var/apt/sources.list
    =====================================
    deb http://etc.inittab.org/~agi/debian/libapache-mod-security2/etch ./
    addidtions for Debian Etch:

    Add key for this source
    ==================
    # gpg –keyserver wwwkeys.eu.pgp.net –recv-keys C514AF8E4BA401C3
    # gpg –armor –export C514AF8E4BA401C3 | apt-key add -

    Update and install
    ==============
    # apt-get update
    # apt-get install libapache2-mod-security2

    Configure
    =======
    add directory for rules:
    # mkdir /etc/apache2/modsecurity

    copy the rules provided:
    # cp /usr/share/doc/libapache2-mod-security2/examples/rules/* /etc/apache2/modsecurity/

    configure for apache2, add file ‘/etc/apache2/conf.d/modsecurity.conf’
    with:

    # include the mod security configuration and rules.
    Include modsecurity/*.conf

    set log file references to /var/log/apache2/ in /etc/apache2/modsecurity/modsecurity_crs_10_config.conf
    e.g.
    SecAuditLog /var/log/apache2/modsec_audit.log
    SecDebugLog /var/log/apache2/modsec_debug.log

    Now restart apache:
    # /etc/init.d/apache2 restart

    Test if it works, like you mentioned above with:
    curl -i http://localhost/ -A Nessus

    Fine tuning:
    - tune main config file: modsecurity_crs_10_config.conf
    - read /usr/share/doc/libapache2-mod-security2/

  5. Comment by Mathieu Dessus

    Yes, packages should be the right way to install software in a Linux distrib, but this repository is not totally up to date today.

  6. Comment by Omid

    I created the /etc/apache2/modsecurity directory but I can’t find the file you refer to as “ModSecurity Core Rule Set files provided in the rules directory of the tarball in this directory” I couldn’t find the rules directory

(Close inline comments) (Respond now)