Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to install mod security on Centos

Posted on 2008-10-15
4
Medium Priority
?
1,287 Views
Last Modified: 2012-05-05
Hi X-perts,

I have a new Centos server, which is all new for me (I have been using freebsd n the past). How can I install a security mod from

http://www.jasonlitka.com/media/EL4/x86_64/

I do not want to install and update the whole Yum Repository, but would rather to install only a single mod security now.

Please, tell me the exact list of commands how to do it (I have never used yum before). Should I first import the public key?

Please, help
0
Comment
Question by:andy7789
  • 2
3 Comments
 
LVL 9

Expert Comment

by:chingmd
ID: 22728313
run the following commands as root

You will need to enable the jasonlitka repository.  here is a howto to set that up.  
http://www.jasonlitka.com/yum-repository/

yum check-update
   only updates the the repository

then run

yum search mod_security
    should return a result

then run
yum install mod_security






0
 

Author Comment

by:andy7789
ID: 22728800
all works - all installed. Do you know where should I edit httpd.conf to include a reference to mod security?

The manual for mod security states:
===========================================
Edit the main Apache httpd config file (usually httpd.conf)
On UNIX (and Windows if you did not copy the DLLs as stated above) you must load libxml2
and lua5.1 before ModSecurity with something like this:

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so

Load the ModSecurity module with:
LoadModule security2_module modules/mod_security2.so
=========================================

The problem is that I cannot find references as "LoadFile /usr/lib/liblua5.1.so" in the conf file. Where should I place it?
0
 
LVL 9

Accepted Solution

by:
chingmd earned 2000 total points
ID: 22732225
You can add the LoadModule line with the others in the file.

The LoadFile line is may only be location specific for the module, so place it above the LoadModules section of the httpd.conf file.  

But in most cases, most of the options in httpd.conf are not location specific.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question