How to Install mod_security on CentOS 7, RHEL 7


how to install mod_security on centos

mod_security is a useful Apache module that protects your website from malicious attacks. It monitors your website traffic and blocks attackers automatically. Here’s how to install mod_security on CentOS 7.

 

How to Install mod_security on CentOS 7, RHEL 7

Here are the steps to install mod_security on CentOS, RHEL

 

1. Enable EPEL Repository

First, add the rpm repository to your system

For RHEL/CentOS 7:


# rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm

For RHEL/CentOS 6:


# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

 

2. Install mod_security

Next, install mod_security


# yum install mod_security mod_security_crs

This will install mod_security with its default set of protection rules. We will modify them in the steps below.

 

3. Activate mod_security module

The configuration file for mod_security is located at /etc/httpd/conf.d/mod_security.conf

Open it with a text editor


# sudo vim /etc/httpd/conf.d/mod_security.conf

Look for SecRuleEngine directive and set its value to On


SecRuleEngine On
  • On – Activate rules and block attacks
  • Off – Deactivate rules and block attacks
  • DetectionOnly – Only intercept and log transactions

 

4. Restart Apache

Restart Apache to apply changes


# service httpd restart

 

5. Verify the installation

You can verify that your firewall is installed and working properly by looking at the Apache error_log file


# tail /var/log/httpd/error_log

[Sat Mar15 16 09:20:58 2014] [notice] ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/) configured.
[Sat Mar15 16 09:20:58 2014] [notice] ModSecurity: APR compiled version=”1.3.9″; loaded version=”1.3.9″
[Sat Mar15 16 09:20:58 2014] [notice] ModSecurity: PCRE compiled version=”7.8 “; loaded version=”7.8 2008-09-05″
[Sat Mar15 16 09:20:58 2014] [notice] ModSecurity: LUA compiled version=”Lua 5.1″
[Sat Mar15 16 09:20:58 2014] [notice] ModSecurity: LIBXML compiled version=”2.7.6″

 

 

Please note, here are some key files to remember for debugging

  • Mod Security Config File – /etc/httpd/conf.d/mod_security.conf
  • Debug Log – /var/log/httpd/modsec_debug.log
  • Audit log – /var/log/httpd/modsec_audit.log
  • Rules – /etc/httpd/modsecurity.d/activated_rules

 

That’s it! You have installed mod_security on CentOS 7, RHEL

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!