Installing Mod_Sec on Virtuozzo / PP9

[KrazyBob]

I cannot locate a rpm, a tar or even isnatll instructions for mod_sec. apxs isn't even installed in the container and I'm stumped.

I MUST install mod_sec ASAP. Newly installed servers are already being attacked successfully.

 

[IgorG]

Maybe this thread will help.

 

[KrazyBob]

it does not. The information is for mod_sec prior to version 2. The install process is much more detailed. Moreover, atomic does not install mod_security. It fails. It also has not escaped me that he now sells a subscription service of mod_sec.

Additionally, the CE 5.4 ez-template is missing all of the dependencies to even install yum. I had to install yum from the hardware node and then manually install mod_sec from the CLI.

It amazes me that as the number 1 hosting platform Plesk does not have a verified rpm for installation. Not even a KB article.

Here is what I have done and I have not tested it yet. Note that I had to install the libraries because the x86_64 ez-template is missing many libraries that ARE installed in the 32 bit version of CE 5.4. That alone makes no sense. Even the Plesk installer does not install these rpms. I would expect the Plesk developers to include a working installation of mod_sec. It just makes sense.

I believe in sharing:

Installing ModSecurity 2.x


# yum install libxml2 libxml2-devel httpd-devel pcre-devel

# wget http://www.modsecurity.org/download/modsecurity-apache_2.5.11.tar.gz
# tar -xzvf modsec*
# cd modsecurity-apache_2.5.11/apache2/


ModSecurity installation consists of the following steps:

ModSecurity 2.x works with Apache 2.0.x or better.

Make sure you have mod_unique_id installed.

(Optional) Install the latest version of libxml2, if it isn't already installed on the server.

Unpack the ModSecurity archive

Edit Makefile to configure the path to the Apache ServerRoot directory. You can check this by identifying the ServerRoot directive setting in your httpd.conf file. This is the path that was specified with the "--install-path=" configuration flag during compilation (for example, in Fedora Core4: top_dir = /etc/httpd).

(Optional) Edit Makefile to enable ModSecurity to use libxml2 (uncomment line DEFS = -DWITH_LIBXML2) and configure the include path (for example: INCLUDES=-I/usr/include/libxml2)


# ./configure

# make

# service httpd stop

# make install

# vi /etc/httpd/conf/httpd.conf

Add one line to your configuration to load ModSecurity: LoadModule security2_module modules/mod_security2.so

LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so


(Optional) Add one line to your configuration to load libxml2: LoadFile /usr/lib/libxml2.so

Add one line to your configuration to load ModSecurity: LoadModule security2_module modules/mod_security2.so

Configure ModSecurity

# service httpd start

You now have ModSecurity 2.x up and running.

 

[KrazyBob]

I also just found a repo.

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
yum repolist
yum search mod_security

mod_log_post.x86_64 : Module for the Apache web server to log all HTTP POST messages
mod_security.x86_64 : Security module for the Apache HTTP Server

 

[atomicturtle]

It installs mod_security just fine, I think your problem here was that you're on a VPS system that doesn't have yum on it.