I/INTRO
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella – shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
The module filters, and optionally rejects, incoming requests based on a number of different criteria like CGI variables, HTTP headers, environment variables, and even individual script parameters. mod_security can also create an audit log, storing full request details in a separate file, including POST payloads (the audit feature can be turned on or off on a per-server or per-directory basis).
II/INSTALL
Step 1:You need install Microsoft Visual C++ 2008 Redistributable Package (x86) (if you use Apache in window).
If you use LINUX.you can install from source as:
#wget http://www.modsecurity.org/download/modsecurity-apache_2.5.11.tar.gz
#tar -xvzf modsecurity-apache_2.5.11.tar.gz
#cd modsecurity-apache_2.5.11
#./configure;make;make install
you can install It by yum if you use RHEL or CENTOS
prefer:http://www.jasonlitka.com/yum-repository/
Step 2:Configure
copy libxml2.dll to folder bin in folder Apache(/etc/httpd/)if you use window
Step 3:edit file httpd.conf
uncommend
LoadModule unique_id_module modules/mod_unique_id.so Add this line at the bottom of Load Modules section:
LoadModule security2_module modules/mod_security2.so
Step 4:Test you change signature"SecServerSignature "IIS/7.5" " of webserver to IIS/7.5 and access to apache
No comments:
Post a Comment