Shulou(Shulou.com)06/02 Report--

The code of the official website gets the address.

Http://www.modsecurity.org/do...

It describes the installation method of the system, this article only talks about compiling and installing from the source code.

1. Install modsecurity

. / configure-- help can view all the compilation parameters. Be sure to specify the following parameters to the apache directory and share them with apache, otherwise apache will use its own and modsecurity will use the system, resulting in inexplicable problems.

. / configure-with-apxs=/usr/local/apache2/bin/apxs-with-pcre=/usr/local/bin/pcre-config-with-apr=/usr/local/apache2/bin/apr-1-config-with-apu=/usr/local/apache2/bin/apu-1-config-with-yajl=PATH

-- with-yajl provides json support. If this library is not installed, it will report a 400th error when intercepting application/json.

After the installation is complete, you can see mod_security2.so in apache's modules directory or / usr/local/modsecurity/lib. Using ldd mod_security2.so, you can see the parameters configured in it to see if there is yajl (remember, remember). I didn't install it myself, so I can only turn off the support for application/json in modsecurity.conf.

2. Install the core rule set

Download and install the latest OWASP CRS

Enter the installation directory of apahace

Mkdir crscd crswget https://github.com/SpiderLabs...tar xzf mastermv SpiderLabs-owasp-modsecurity-crs-ebe8790 owasp-modsecurity-crscd owasp-modsecurity-crscp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf

3. Configure apahce

Copy the modsecurity.conf-recommended under the modsecurity source folder to the conf/extra of apache and name it modsecurity.conf

Turn on unique_id,security2

LoadModule unique_id_module modules/mod_unique_id.so

LoadModule security2_module modules/mod_security2.so

Include conf/extra/modsecurity.confInclude crs/owasp-modsecurity-crs/modsecurity_crs_10_setup.confInclude crs/owasp-modsecurity-crs/base_rules/*.confInclude conf/extra/modsecurity_crs_10_customrules.conf

Note:

Some original configurations are overwritten in modsecurity_crs_10_customrules.conf, such as:

SecRuleUpdateTargetById 981172! REQUEST_COOKIES:/userInfo.*/

When you encounter userInfo in cookie, disable the 981172 rule, which is detailed in the configuration options.

Configuration options for modsecurity

Https://github.com/SpiderLabs...

to be continued

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.