Welcome to the most active Linux Forum on the web.
Go Back > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.


  Search this Thread
Old 03-13-2007, 06:31 AM   #1
Registered: Feb 2007
Posts: 126

Rep: Reputation: 15
apache mod_security module

Pl check it.

Today morning I decided to check about apache secuity. In one of the article I read abt mod_security module. I could locate much docs abt its installation part. After 3-4 hrs of studying , I made these configuration. I want you to check these confs and let me knw where I am lacking/missing and if these confs are OK.

These are the only changes which are made and nothing else.

1.Downloaded the modsecurity-apache_2.1.0.tar.gz from web site.

2) copy the modsecurity.conf-minimal file (after extracting .tar.gz file) to /etc/httpd/conf/modsecurity directory.

3)vi /etc/httpd/conf/httpd.conf
enter the following line:

# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf (default)
Include conf/modsecurity/*.conf

4)restart the httpd service and OK

Doubts ???

1)when i copy the file (in step 2 moddsecurity.conf-minimal)and if i renames it to moddsecurity.conf, httpd service display error as:

[root@fruits rules]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: Syntax error on line 3 of /etc/httpd/conf/modsecurity/modsecurity.conf:
Invalid command 'SecRuleEngine', perhaps mis-spelled or defined by a module notincluded in the server configuration

2)Other thing I want to know , is this modsecurity module is working and should i go for it

This is the first time n day when i m configuring this..any kind of help will be a lot for me
Old 03-16-2007, 02:57 PM   #2
Registered: Jan 2006
Location: Vancouver BC
Distribution: LFS, SLak, Gentoo, Debian
Posts: 291

Rep: Reputation: 36
put the minimal back in the end, unless the installation instructions said to change the name.
Old 03-17-2007, 04:51 PM   #3
LQ Newbie
Registered: Jan 2007
Posts: 27

Rep: Reputation: 15
Sounds like you never added...
LoadModule security2_module modules/


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[apache] Chroot or mod_security? JockVSJock Linux - Security 1 11-26-2006 03:49 AM
LXer: Secure Your Apache With mod_security LXer Syndicated Linux News 0 07-13-2006 08:33 AM
mod_security for apache zsoltrenyi Linux - Security 0 02-08-2005 06:36 AM
mod_security ridertech Linux - Security 1 09-01-2004 05:16 PM
Apache mod_security logging everything? ridertech Linux - Security 2 08-13-2004 01:10 PM > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 04:51 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration