Archive

Posts Tagged ‘Apache’

How to install mod_evasive on Linux server

May 8th, 2012 No comments

How to install mod_evasive on Linux server

Go to the below path.

cd /usr/local/src

Download the file using the below link:

wget wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz

Untar the file.

tar xzf mod_evasive_1.10.1.tar.gz

Go to the folder.

cd mod_evasive

Run the below command for the installation.

apxs -cia mod_evasive20.c

 

You’ll then need to add the mod_evasive configuration to your Apache configuration file. First, find this section:

File:/etc/httpd/conf/httpd.conf (CentOS / Fedora)

LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so

Below those sections, add the mod_evasive configuration:

File excerpt:mod_evasive configuration

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 60
DOSEmailNotify [email protected]
</IfModule>

————————————————————

File:/etc/apache2/apache2.conf (Debian / Ubuntu)

# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
————————————————————-

You’ll then need to restart Apache for your changes to take effect:

Debian / Ubuntu:

/etc/init.d/apache2 restart

CentOS / Fedora:

/etc/init.d/httpd restart

 

How to install apache on CentOS Server

May 7th, 2012 No comments

Apache Installation

 

The below command will check whether apache packages are available on the server or not. It will show the listing if it is available on the server.

yum list httpd*

If packages are available then run the below command to install apache packages.

yum install httpd*

Now configure your system to start Apache at boot time…

chkconfig –levels 235 httpd on
Once done then restart the apache service.

/etc/init.d/httpd start
Categories: Apache Tags:

How to install mod security in linux server

May 3rd, 2012 No comments

How to install mod security in linux server

 

First check mod_security is enabled on the server. If it is not installed than you can install it through easy apache.

Run the below commands to create the directory and give proper permissions.

mkdir /var/asl
mkdir /var/asl/tmp
mkdir /var/asl/data
mkdir /var/asl/data/msa
mkdir /var/asl/data/audit
mkdir /var/asl/data/suspicious
chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
mkdir /var/asl/updates
mkdir /var/asl/rules/
mkdir /var/asl/rules/clamav
mkdir /etc/asl/
touch /etc/asl/whitelist

Go to the below path

cd /usr/local/src/

Download latest mod security rules.

wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz

Extract that tar file using below command.

tar zxvf modsec-2.7-free-latest.tar.gz

Create mod security directory.

mkdir /usr/local/apache/conf/modsec_rules/

Copy the rules in created directory.

cp modsec/*  /usr/local/apache/conf/modsec_rules/

 

Now, open the below file.

vi /usr/local/conf/modsec2.user.conf

Copy the below content in that file.

SecRequestBodyAccess On
SecAuditLogType Concurrent
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecAuditLogRelevantStatus “^(?:5|4(?!04))”
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditLogParts ABIFHZ
SecArgumentSeparator “&”
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial

Include /usr/local/apache/conf/modsec_rules/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec_rules/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec_rules/60_asl_recons.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec2.whitelist.conf

Restart that apache.

/etc/init.d/httpd restart

 

%d bloggers like this: