By PhDs, (© Copyright reserved),
March 23, 2008 at 6:53 pm
· Category: Linux Admin
1, install httpd-devel, and subversion-devel
yum install httpd-devel
yum install subversion-devel
2, Downlaod and install ModSecurity
wget http://www.jasonlitka.com/media/EL4/i386/mod_security-2.5.0-jason.2.i386.rpm
or wget http://www.jasonlitka.com/media/EL5/i386/mod_security-2.1.4-1.jason.2.i386.rpm
rpm -i mod_security-2.5.0-jason.2.i386.rpm
rpm -i mod_security-2.1.4-1.jason.2.i386.rpm
3, Check if the module is installed:
ls -la /usr/lib/httpd/modules/mod_security2.so
4, restart apache
apachectl restart
5, Regularly monitor log files :
/var/log/httpd/modsec_audit.log
/var/log/httpd/modsec_debug.log
6, If you installed wrong version, use the following command to remove the wrong version/module
yum remove mod_security
7, You can use yum install mod_security command to install mod_security if you create a file /etc/yum.repos.d/utterramblings.repo with the following lines
[utterramblings]
name=Jason's Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
but this won’t allow you to select which version to install.
mod_security-2.5.0 is not compatible with PHP 5.1, so for PHP5.1 you need to install mod_security-2.1.4-1.
Jason Litka’s PHP 5.2.5 has a bug with SSL, so if you have a shopping cart (Zen Cart) it will break your shopping cart.
Note:
Ref:
http://www.modsecurity.org/
http://www.jasonlitka.com/yum-repository/
http://www.jasonlitka.com/2007/08/24/mod-security-packages-now-available/
http://www.jasonlitka.com/2008/01/23/recent-repo-updates-modsecurity-xcache-httpd/
http://www.jasonlitka.com/media/EL5/i386/
http://www.g-loaded.eu/2006/08/24/modsecurity-overview/
http://www.eth0.us/mod_security
http://www.gotroot.com/tiki-index.php?page=Setting+up+mod_security
http://www.gotroot.com/tiki-index.php?page=mod_security+rules
