Wiki

User Tools

Site Tools

Trace: start
apache:modules:install_mod_security_and_mod_evasive

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

apache:modules:install_mod_security_and_mod_evasive [2023/07/17 10:43] – created peterapache:modules:install_mod_security_and_mod_evasive [2023/07/17 10:45] (current) peter
Line 96: Line 96:
 </file> </file>
  
 +----
  
 ===== Download and install the latest OWASP Core Rule Set ===== ===== Download and install the latest OWASP Core Rule Set =====
  
-The OWASP ModSecurity CRS Project's goal is to provide an easily "pluggable" set of generic attack detection rules that provide a base level of protection for any web application.+The goal of the **OWASP ModSecurity CRS Project** is to provide an easily "pluggable" set of generic attack detection rules that provide a base level of protection for any web application.
  
-Download and install the latest [[https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project|OWASP ModSecurity Core Rule Set]] from the project website.  See [[https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project|here]] for more information.+Download and install the latest [[https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project|OWASP ModSecurity Core Rule Set]] from the project website.
  
-We will also activate the default CRS config file **modsecurity_crs_10_setup.conf.example**.+  * See [[https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project|here]] for more information. 
 + 
 +Also activate the default CRS config file **modsecurity_crs_10_setup.conf.example**.
  
 If you prefer not to use the latest rules, replace the wget for master below with the a specific version you would like to use e.g : **v2.2.5**. If you prefer not to use the latest rules, replace the wget for master below with the a specific version you would like to use e.g : **v2.2.5**.
Line 144: Line 147:
 </file> </file>
  
 +----
  
 ===== Check if ModSecurity is enabled and restart Apache ===== ===== Check if ModSecurity is enabled and restart Apache =====
Line 156: Line 160:
 </code> </code>
  
 +----
  
 Restart the Apache2 webserver: Restart the Apache2 webserver:
Line 169: Line 174:
 </code> </code>
  
 +----
  
 ===== Test ModSecurity ===== ===== Test ModSecurity =====
Line 193: Line 199:
 Content-Type: text/html; charset=UTF-8 Content-Type: text/html; charset=UTF-8
 </code> </code>
 +
 +----
  
 ===== Install ModEvasive ===== ===== Install ModEvasive =====
Line 204: Line 212:
 </code> </code>
  
 +----
  
 ===== Create log file directory for mod_evasive ===== ===== Create log file directory for mod_evasive =====
Line 220: Line 229:
 </code> </code>
  
 +----
  
 ===== Create mod-evasive.conf file and configure ModEvasive ===== ===== Create mod-evasive.conf file and configure ModEvasive =====
Line 245: Line 255:
 </file> </file>
  
 +----
  
 ===== Fix mod-evasive email bug ===== ===== Fix mod-evasive email bug =====
Line 258: Line 269:
 </code> </code>
  
 +----
  
 ===== Check if ModEvasive is enabled and restart Apache ===== ===== Check if ModEvasive is enabled and restart Apache =====
Line 282: Line 294:
 </code> </code>
  
 +----
  
 ===== Test ModEvasive ===== ===== Test ModEvasive =====
Line 343: Line 356:
 Oct 26 15:36:42 CentOS-7 mod_evasive[2732]: Blacklisting address 192.168.1.42: possible DoS attack. Oct 26 15:36:42 CentOS-7 mod_evasive[2732]: Blacklisting address 192.168.1.42: possible DoS attack.
 </code> </code>
 +
 +----
 +
  
apache/modules/install_mod_security_and_mod_evasive.1689590584.txt.gz · Last modified: 2023/07/17 10:43 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki