Mod security
From Ezee.co.uk
Contents |
[edit] Mod Security V 2.1.2
Here is an RPM for modsecurity-apache-2.1.2-1.i386.rpm
[edit] About the RPM
I got fed up of having to transfer binaries and generally messing around so I have created an RPM for mod security V2.1.2:
[edit] Caveats and WARNINGS!!!
Please note this was created on a Centos V5 System with a Fresh install of Plesk 8.2.0 and no other software installed. The Centos 5 software was installed from a Virtuozzo EZ Template.
I cannot garantee this will work on anything, all I can say is the RPM doesn't attempt to mess with any of the standard apache files. All configuration and module loading is done in a new file at /etc/httpd/conf.d/anti-hack.conf This loads the 3 bits necessary for it to work as follows.
LoadModule unique_id_module modules/mod_unique_id.so LoadFile /usr/lib/libxml2.so LoadModule security2_module modules/mod_security2.so
Please also note: I have never created an RPM before and this is probably not the prettiest of rpm's but it has worked across 5 installations I have tested it on. There is no un-install procedure built into it and no dependency checking. I may add this when I learn a little more about RPMS.
It also copies the core configuration files. If you don't want any of these activated simply delete them from the conf.d directory
If you already have libxml2 installed make a backup of it from /usr/lib/libxml2.so 1st as my version may be different from yours. I installed it directly from the Centos repository using Yum. Yours may have come from elsewhere.
So, if you need a very quick install of mod_security-2.1.2 and are running Virtuozzo and use the Centos-5 EZ template give it a go by all means. But I cannot offer support and cannot garantee its performance. I am simply posting this here so I can get access to it quickly and in case anyone else might want to have a go with it.
[edit] INSTALLING
To install
wget http://ezee.co.uk/rpms/modsecurity-apache-2.1.2-1.i386.rpm /etc/rc.d/init.d/httpd restart
To see if it is working
tail /var/log/httpd/modsec_audit.log
keywords: Centos "Centos-5" mod_security modsecurity-2.1.2 rpm
