How do I install ModSecurity 2.7.0?
Hi,
I can't find any documentation to install 2.7.0. I already have an earlier version (2.6.3) installed (why did aptitude send me 2.6.3 while 2.7.0 stable is already out?) Inside the 2.7.0 folder, i get those files: CHANGES Makefile.in README_WINDOWS.TXT apache2 build doc mlogc stamp-h1 tools LICENSE NOTICE aclocal.m4 authors.txt configure ext modsecurity.conf-recommended standalone unicode.mapping Makefile.am README.TXT alp2 autogen.sh configure.ac iis nginx tests How do I go about installing 2.7.0? Thanks a lot in advance Regards |
<<Reply Removed>> I misread your post. Sorry, ignore me.
|
Quote:
So far Fedora 19 has mod_security-2.7.0-2.fc19. Release: June 2013. cd modsecurity-apache_2.7.0/ patch -p0 < mod_security-fix-build-with-libxml29.patch ./configure --prefix=/usr/ --enable-pcre-match-limit=1000000 \ --enable-pcre-match-limit-recursion=1000000 make make install patch, mod_security.conf http://dl.fedoraproject.org/pub/fedo...2.fc19.src.rpm . |
Hi
Thanks for your response. I downloaded the missing patch (mod_security-fix-build-with-libxml29.patch) and successfully patched it. Then I enter ./configure --prefix=/usr/ --enable-pcre-match-limit=1000000 --enable-pcre-match-limit-recursion=1000000 Then, after many lines starting with "checking", it gives me the following alert: configure: looking for Apache module support via DSO through APXS configure: error: couldn't find APXS What did I do wrong? Thanks a lot |
What distro are you using, Debia, Ubuntu, Aptosid? IF you are using Debian you could try this (Though if you are using Debian stable I wouldn't recommend this at all.) If it is available in any of the Debian branches repo's you can try this, 2.7.0 might not be there yet. I am using Debian and this process I have only tried on Debian. All that I mention below you can do AT YOUR OWN RISK. Also DO NOT do an dist-upgrade while these newly added repos are active, even if it says updates are available. If you do then your whole system will be updated to the newest versions of the programs. This could break everything badly. Just look for your software, mod_security, then take those repos out of the sources.list if you can find it and install it.
READ WARNING BELOW BEFORE YOU DO ANYTHING! Backup your data. If you dont' have unstable in your sources.list(AKA SID) then, from terminal su your_password cd /etc/apt (use what ever text editor you want in the terminal. For this example I will use nano) nano sources.list add deb http://ftp.debian.org/debian/ unstable main contrib non-free deb-src http://ftp.debian.org/debian/ unstable main contrib non-free aptitude update aptitude search <<package_name_here>> aptitude install <<package_name_here>> If you already have the above repo's in your sources.list then try this, add deb http://ftp.debian.org/debian/ experimental main to /etc/apt/sources.list then in the terminal tpe aptitude update aptitude install -t experimental <<package_name_here>> Pay attention to any warnings about conflicts. Hit no until you find a solution you like. If you don't find a solution or if you are unsure then hit q for quit. WARNING: NOW BEFORE YOU TRY THIS. this is experimental, which means it has NOT been tested. You might end up breaking your whole system. If you are unsure on how to do this and can't afford to mess things up than DON'T DO IT. If You are using certain Debian based distro's this MIGHT work as well. IF YOU BREAK ANYTHING I DID WARN YOU. |
Hi Rodebian,
Thanks for your message and warning. I am using Ubuntu 12.04 LTS 64 bits. I installed the latest OWASP modsecurity set of rules and it requires 2.7.0 otherwise, apache throws an error when it starts. Does your solution work as well with Ubuntu? Also, since I'm a beginner in Lunix, should I wait that aptitude puts up an automated update of modsecurity, to make it easier? Thanks a lot |
Quote:
|
Quote:
I would just wait then. Ubuntu is pretty good with updating its software. It is better being safe then sorry. In the mean time you could read up on aptitude, Ubuntu, Linux, mod security, etc., while you wait for the updated version to be added to Ubuntu repo's. |
Actually, I may have found a solution at http://wiki.tkoeppen.com/display/doc...che2+in+Ubuntu
It tells me to do install apache apxs, then libxml2-dev and finally libcurl4-gnutls-dev Would this be worth trying, without adding some unnecessary files to my server? Thanks |
Quote:
Can you take a step back and explain your project/goal to us? I consider myself a somewhat intermediate user but I do not understand what you are trying to do here; help me to see the bigger picture. Is there a feature you need that the stable and tested software provided by Ubuntu fails to provide? |
Quote:
I am in fact just trying to get the latest version of OWASP set of rules to work with my apache, but it throws an error when I start apache: * Starting web server apache2 Syntax error on line 52 of /etc/modsecurity/base_rules/modsecurity_crs_20_protocol_violations.conf: Error parsing actions: Unknown action: ver Action 'start' failed. The reason for that is that it needs modsecurity 2.7.0 to work, but the one I have is a slightly older version. I am not trying to do anything sophisticated, all I want is to have the latest version of OWASP set of rules, for maximum security. Also, since 2.7.0 Stable was just released, I thought it would be good to install it. |
I'm sorry, I don't know what the OWASP set of rules are. I did not realize they were necessary for maximum security in Ubuntu. There are some Ubuntu security tips here, if you get stuck: http://ubuntuforums.org/showthread.php?t=510812
Generally speaking, Ubuntu's security policy is to fix bugs in existing/provided software, rather than to provide new versions that might change functionality. More details here (written for Red Hat but applies equally to Ubuntu): https://access.redhat.com/security/updates/backporting/ In other words they will not provide Modsecurity 2.7 as a mid-life update for a previously-released version, because this would require admins to test their code against the new module, as opposed to security-patching 2.6.3, which is a safe upgrade. Good luck! |
You can find your answer at : http://www.root25.com/2012/11/how-to...-tutorial.html
This website will show you 1. How to install mod security on Ubuntu (Step by Step with pictures) 2. How to setup OWAPS rules set on it. 3. How to access and check the log. 4. There is another article in the same site about how to implement "Reverse Proxy + Mod Security" 5. There is another article in the same site about how to visualize the log output into charts... |
Ubuntu 12.04 uses mod-security 2.6.3
The excellent tutorial at: http://www.root25.com/2012/11/how-to...-tutorial.html doesn't work any more because the mod-security core rules are newer. You either ned to compile the newer version of modsecurity or get the older core rules. Use this tutorial to use the older rules: http://notepad2.blogspot.com/2012/11...s-install.html |
All times are GMT -5. The time now is 05:55 PM. |