How to Install mod_security for Apache in Ubuntu


install mod_security for apache in ubuntu

mod_security is a powerful Apache module that helps protect your websites from malicious attacks. It monitors HTTP traffic in real-time and blocks various kinds of exploits. Here’s how you can install mod_security for Apache in Ubuntu

 

How to Install mod_security for Apache in Ubuntu

Here are the steps to install mod_security for Apache in Ubuntu

 

1. Install Apache

SSH into your Ubuntu system, or open a terminal window and paste the following commands to install Apache.


$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install apache2

We update packages before installing Apache to ensure smooth installation

 

2. Install mod_security

Install mod_security with the following command:


$ apt-get install libapache2-modsecurity

 

You can check if mod_security has been installed, by running the following command


$ apachectl -M | grep security

 

If everything is installed properly, you will see the following output:


security2_module (shared)

 

 

3. Configure mod_security

By default, mod_security provides a config file called “modsecurity.conf-recommended” in /etc/modsecurity directory.

To configure mod_security, we need to rename it to modsecurity.conf


$ sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

 

Open modsecurity.conf in a text editor


$ sudo nano -w /etc/modsecurity/modsecurity.conf

 

Search for “SecRuleEngine” and change its value to On.


SecRuleEngine on
  • On – Activate rules
  • Off – Deactivate rules
  • DetectionOnly – Only intercept & log transactions

 

Save and quit the file.

 

5. Restart Apache Web Server

Restart Apache to apply changes


$ systemctl restart apache2

 

That’s it! You have installed mod_security for Apache in Ubuntu. You can optionally add core set rules to mod_security for increased protection.

 

6. Configure mod_security Core Set Rules (Optional)

mod_security comes with many Core Set Rules (CRS) that can be useful to protect your site. It can be found at /usr/share/modsecurity-crs

To make Apache use these rules, add the following lines to the bottom of modsecurity.conf file


# ModSecurity Core Set Rules (CSR)
IncludeOptional /usr/share/modsecurity-crs/*.conf
IncludeOptional /usr/share/modsecurity-crs/activated_rules/*.conf

 

Save & close the file. Restart Apache server to apply changes


$ systemctl restart apache2

 

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!