Installing ModSecurity 2.9.1 on CentOS 7.2 with Apache17 Mar 2016
Below I'm sharing some notes on modsecurity installation on my CentOS 7.2 server with apache.
Where to get ModSecurity
I got it from ModSecurity github page and to be precise from here.
tar -zxvf modsecurity-2.9.1.tar.gz -C .
Wiki on github is suggesting to run autogen.sh first.
I had to install this packages first:
yum install autoconf automake libtool
It also installed gcc as a dependency and I was able to run
I had to install this packages to run:
yum install libcurl libcurl-devel httpd-devel pcre pcre-devel libxml2-devel libxml2
apr packages where installed as dependecies.
And I was able to run:
After that I got my modsecurity module in the right place:
# ls -al /usr/lib64/httpd/modules/mod_security2.so -r-xr-xr-x. 1 root root 2421149 03-17 22:30 /usr/lib64/httpd/modules/mod_security2.so
To get it enabled (it runs as a apache module) I've created a file in:
and added this line:
LoadModule security2_module modules/mod_security2.so
in it and restarted httpd service.
This is an example output in httpd
error_log just after restarting httpd service:
[Thu Mar 17 22:42:59.400335 2016] [:notice] [pid 54933] ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured. [Thu Mar 17 22:42:59.400343 2016] [:notice] [pid 54933] ModSecurity: APR compiled version="1.4.8"; loaded version="1.4.8" [Thu Mar 17 22:42:59.400348 2016] [:notice] [pid 54933] ModSecurity: PCRE compiled version="8.32 "; loaded version="8.32 2012-11-30" [Thu Mar 17 22:42:59.400352 2016] [:notice] [pid 54933] ModSecurity: LIBXML compiled version="2.9.1" [Thu Mar 17 22:42:59.400354 2016] [:notice] [pid 54933] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
The last entry is saying that the engine is disabled. I'll work on getting it on later :)