?
Solved

How to install mod security on Centos

Posted on 2008-10-15
4
Medium Priority
?
1,261 Views
Last Modified: 2012-05-05
Hi X-perts,

I have a new Centos server, which is all new for me (I have been using freebsd n the past). How can I install a security mod from

http://www.jasonlitka.com/media/EL4/x86_64/

I do not want to install and update the whole Yum Repository, but would rather to install only a single mod security now.

Please, tell me the exact list of commands how to do it (I have never used yum before). Should I first import the public key?

Please, help
0
Comment
Question by:andy7789
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 9

Expert Comment

by:chingmd
ID: 22728313
run the following commands as root

You will need to enable the jasonlitka repository.  here is a howto to set that up.  
http://www.jasonlitka.com/yum-repository/

yum check-update
   only updates the the repository

then run

yum search mod_security
    should return a result

then run
yum install mod_security






0
 

Author Comment

by:andy7789
ID: 22728800
all works - all installed. Do you know where should I edit httpd.conf to include a reference to mod security?

The manual for mod security states:
===========================================
Edit the main Apache httpd config file (usually httpd.conf)
On UNIX (and Windows if you did not copy the DLLs as stated above) you must load libxml2
and lua5.1 before ModSecurity with something like this:

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so

Load the ModSecurity module with:
LoadModule security2_module modules/mod_security2.so
=========================================

The problem is that I cannot find references as "LoadFile /usr/lib/liblua5.1.so" in the conf file. Where should I place it?
0
 
LVL 9

Accepted Solution

by:
chingmd earned 2000 total points
ID: 22732225
You can add the LoadModule line with the others in the file.

The LoadFile line is may only be location specific for the module, so place it above the LoadModules section of the httpd.conf file.  

But in most cases, most of the options in httpd.conf are not location specific.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month10 days, 19 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question