• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1911
  • Last Modified:

Ubuntu 14 x64 server problem installing mod_security

Hi all,

I have followed the following procedure found on this link ( MATTBROCK TUTORIAL FOR UBUNTU 14.04 ) to install mod_security on my server:

sudo apt-get install libapache2-mod-security2
sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sudo nano /etc/modsecurity/modsecurity.conf

Make the following options so:
SecRuleEngine On
SecRequestBodyLimit 50000000
SecRequestBodyInMemoryLimit 50000000

cd /tmp
sudo wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/master.zip
sudo apt-get install zip
sudo unzip master.zip
sudo cp -r owasp-modsecurity-crs-master/* /etc/modsecurity/

sudo mv /etc/modsecurity/modsecurity_crs_10_setup.conf.example /etc/modsecurity/modsecurity_crs_10_setup.conf

sudo ls /etc/modsecurity/base_rules | xargs -I {} sudo ln -s /etc/modsecurity/base_rules/{} /etc/modsecurity/activated_rules/{}

sudo ls /etc/modsecurity/optional_rules | xargs -I {} sudo ln -s /etc/modsecurity/optional_rules/{} /etc/modsecurity/activated_rules/{}

sudo nano /etc/apache2/mods-available/security2.conf 
add the following line near the end, just before </IfModule>:
Include "/etc/modsecurity/activated_rules/*.conf"

sudo service apache2 restart
sudo rm -rfv /tmp/*

sudo apt-get install libapache2-mod-evasive
sudo mkdir /var/log/mod_evasive
sudo chown www-data:www-data /var/log/mod_evasive
sudo nano /etc/apache2/mods-available/evasive.conf

Make it so:
<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10

    DOSEmailNotify      my_emailaddress@gmail.com
    #DOSSystemCommand    "su - someuser -c '/sbin/... %s ...'"
    DOSLogDir           "/var/log/mod_evasive"
</IfModule>

sudo ln -s /etc/apache2/mods-available/evasive.conf /etc/apache2/mods-enabled/evasive.conf
sudo service apache2 restart
sudo apt-get install rkhunter chkrootkit

sudo nano etc/chkrootkit.conf
RUN_DAILY="true"
RUN_DAILY_OPTS=""

sudo nano /etc/default/rkhunter
CRON_DAILY_RUN="true"
CRON_DB_UPDATE="true"

sudo mv /etc/cron.weekly/rkhunter /etc/cron.weekly/rkhunter_update
sudo mv /etc/cron.daily/rkhunter /etc/cron.weekly/rkhunter_run
sudo mv /etc/cron.daily/chkrootkit /etc/cron.weekly/

sudo apt-get install logwatch
sudo mv /etc/cron.daily/00logwatch /etc/cron.weekly/
sudo nano /etc/cron.weekly/00logwatch
/usr/sbin/logwatch --output mail --range 'between -7 days and -1 days'

sudo apt-get install acct
sudo touch /var/log/wtmp

sudo a2enmod modsecurity
sudo /etc/init.d/apache2 force-reload

Open in new window


However when I execute: sudo a2enmod modsecurity

lupocatttivo@octane:~$ sudo a2enmod modsecurity
ERROR: Module modsecurity does not exist!


Any help will be appreciated.

Thanks in advance.
0
badwolfff
Asked:
badwolfff
  • 2
1 Solution
 
ThomasMcA2Commented:
Since the module does not exist, the install command must have failed. Try running it again. What errors does it display?
apt-get install libapache2-mod-security2

Open in new window

0
 
badwolfffAuthor Commented:
lupocatttivo@octane:~$ sudo apt-get install libapache2-mod-security2
Reading package lists... Done
Building dependency tree
Reading state information... Done
libapache2-mod-security2 is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Open in new window



The problem is that I get this problem with mode-evasive as well:

lupocatttivo@octane:~$ sudo a2enmod mod-evasive
[sudo] password for lupocatttivo:
ERROR: Module mod-evasive does not exist!

Open in new window



thanks for your message
0
 
ThomasMcA2Commented:
When enabling modules in apache, you don't need the "mod-" prefix. So use this command:
sudo a2enmod evasive

Open in new window

0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now