How to configure modsecurity for Apache?

hack3rcon · Post by **hack3rcon** » 2021/02/18 12:54:21

Hello,
I'm using CentOS 8 x86_64 and I want to configure ModSecurity for Apache. I looked at https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache tutorial, but I can't find any "/etc/modsecurity" directory!!!
I used below find command to find that directory:

Code: Select all

# find / -name modsecurity -print

But no result.
Why?

Thank you.

Post by **TrevorH** » 2021/02/18 13:14:27

yum list mod_sec\*

hack3rcon · Post by **hack3rcon** » 2021/02/18 13:32:07

TrevorH wrote: ↑
2021/02/18 13:14:27
yum list mod_sec\*

The result is:

Code: Select all

# yum list mod_sec\*
Last metadata expiration check: 2:41:17 ago on Thu 18 Feb 2021 02:21:23 PM +0330.
Installed Packages
mod_security.x86_64                       2.9.2-8.el8                 @appstream
Available Packages
mod_security-mlogc.x86_64                 2.9.2-8.el8                 appstream 
mod_security_crs.noarch                   3.0.0-5.el8                 appstream

hack3rcon · Post by **hack3rcon** » 2021/03/02 09:19:11

Hello,
My problem was "mod_security_crs" package. I forgot to install it.
I read https://github.com/coreruleset/corerule ... ev/INSTALL and I have other questions:

1- At https://github.com/coreruleset/corerule ... ev/INSTALL I read "Download our release from https://coreruleset.org/installation/
and unpack it into a new owasp-modsecurity-crs folder". Thus, I must create a "owasp-modsecurity-crs" directory in the "/etc/httpd/modsecurity.d/" directory?

2- In the "httpd.conf" file, you can add some configuration lines and as https://github.com/coreruleset/corerule ... ev/INSTALL said, these are :

Code: Select all

 <IfModule security2_module>
          Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf
          Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf
    </IfModule>

But, it just for Debian? The "httpd.conf/apache2.conf" file is for Debian. How about CentOS? Should I add above lines to "/etc/httpd/conf/httpd.conf" file?

Thanks.

hack3rcon · Post by **hack3rcon** » 2021/03/02 18:38:48

Which file is OK for below lines:

Code: Select all

<IfModule security2_module>
          Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf
          Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf
    </IfModule>

The "/etc/httpd/conf.modules.d/10-mod_security.conf " file or "/etc/httpd/conf.d/mod_security.conf" file?

CentOS

How to configure modsecurity for Apache?

How to configure modsecurity for Apache?

Re: How to configure modsecurity for Apache?

Re: How to configure modsecurity for Apache?

Re: How to configure modsecurity for Apache?

Re: How to configure modsecurity for Apache?