How to set up MOD_SECURITY?
Log in to your server
Log in to mCloud portal, open the main page of your server and then follow these steps:
- Click Console.
- Enter your username: "root".
- Enter your password (to see your password, click Show under Root password).
Install EPEL
While MOD_SECURITY is not available in the official CentOS package repository, it is packaged for the EPEL project. EPEL, standing for Extra Packages for Enterprise Linux, can be installed with a release package that is available from CentOS:
yum install epel-releaseInstall MOD_SECURITY
After installing EPEL, enter the following command to install MOD_SECURITY:
# yum install mod_security mod_security_crsConfirm the installation was successful by opening the configuration file:
cat /etc/httpd/conf.d/mod_security.confNow check if the SecRuleEngine is set to "on":
SecRuleEngine onIf so, restart Apache:
systemctl restart httpdFinally, in order to check if MOD_SECURITY is active, check the Apache error logs where you should see something like this:
[Sat Mar15 16 09:20:58 2018] [notice] ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/) configured. [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: APR compiled version=”1.3.9″; loaded version=”1.3.9″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: PCRE compiled version=”7.8 “; loaded version=”7.8 2008-09-05″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: LUA compiled version=”Lua 5.1″ [Sat Mar15 16 09:20:58 2018] [notice] ModSecurity: LIBXML compiled version=”2.7.6″Important files to remember
- Mod Security configuration file– /etc/httpd/conf.d/mod_security.conf
- Debug Log – /var/log/httpd/modsec_debug.log
- Audit log – /var/log/httpd/modsec_audit.log
- Rules – /etc/httpd/modsecurity.d/activated_rules