Results 1 to 23 of 23
Thread: MOD Security INSTALL
-
06-22-2009, 04:40 AM #1Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
MOD Security INSTALL
Hello,
i need to install mod security in ubuntu BUT I CANT.
IT SAYS THERE IS NO PACKAGE etc.
What commands to use?
Please help
Ubuntu 8.04
-
06-22-2009, 07:21 AM #2Web Hosting Master
- Join Date
- Jun 2003
- Location
- World Wide Web
- Posts
- 581
Do you have any control panel on your server?
what version of apache/http server you have on the server?SupportExpertz.com - the name says it all!
Managed Cloud Servers
Server Management and Monitoring
24x7 outsourced customer support
-
06-22-2009, 07:24 AM #3Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
ok
Hello mate,
im using plesk in ubuntu 8.04 apache 2.2.8 !
Please help.
Thanks
-
06-22-2009, 07:43 AM #4Web Hosting Master
- Join Date
- Jun 2003
- Location
- World Wide Web
- Posts
- 581
you need to download modsecurity package at
http://www.modsecurity.org/download/
cd /etc/apache2
wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz
tar -xzvf modsec*
cd modsec*
cd apache2
apxs -cia mod_security.c
apachectl stop
apachectl start
in /etc/apache2/Includes/modsecurity.conf.
You can get rule sets from http://www.gotroot.com
You can either add the rules directly to the above mentioned modsecurity.conf file or you can specify the rules in seperate files and then include the file names in the above file.
Please be careful while using modsecurity as certain rules can break functioning of certain sites.
Make sure that you read the instructions available in INSTALL or README files.Last edited by supportexpertz; 06-22-2009 at 07:48 AM.
SupportExpertz.com - the name says it all!
Managed Cloud Servers
Server Management and Monitoring
24x7 outsourced customer support
-
06-22-2009, 07:51 AM #5Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
i will try it in a min.
Thanks mate.i WILL inform u if it works.THANKSSS
-
06-22-2009, 08:29 AM #6Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
Mate help.Im trying to do apxs -cia mod_security.c but says apxs command not found..
Means?Please
-
06-22-2009, 08:33 AM #7Web Hosting Master
- Join Date
- Mar 2009
- Posts
- 569
You need to install apxs - which is required to built modules for apache.
Code:apt-get install apache2-threaded-dev
-
06-22-2009, 08:37 AM #8Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
Reading package lists... Done
Building dependency tree
Reading state information... Done
apache2-threaded-dev is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
And then: i put apxs -cia mod_security.c
and: -bash: apxs: command not found
WHY?damn
-
06-22-2009, 08:44 AM #9Retired Moderator
- Join Date
- Feb 2005
- Location
- Australia
- Posts
- 5,849
Try apxs2
10 charsChris
"Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter
-
06-22-2009, 08:48 AM #10Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
it seems it workded with apsx2 BUIT
look at output:
/usr/share/apr-1.0/build/libtool --silent --mode=compile --tag=disable-static i486-linux-gnu-gcc -prefer-pic -DLINUX=2 -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -D_REENTRANT -I/usr/include/apr-1.0 -I/usr/include/openssl -I/usr/include/postgresql -I/usr/include/xmltok -pthread -I/usr/include/apache2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include/postgresql -c -o mod_security.lo mod_security.c && touch mod_security.slo
i486-linux-gnu-gcc: mod_security.c: No such file or directory
i486-linux-gnu-gcc: no input files
apxs:Error: Command failed with rc=65536
.
Means?Pfff Help
-
06-22-2009, 09:00 AM #11Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
Wait.When doing
cd /etc/apache2
wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz
tar -xzvf modsec*
cd modsec*
cd apache2
and then pressing ls i see there is a configure file.
Then i run ./configure and:
checking for g++... g++
checking for C++ compiler default output file name... a.out
checking whether the C++ compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking for gcc... gcc
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... /usr/bin/install -c
checking whether ln -s works... yes
checking whether make sets $(MAKE)... yes
checking for ranlib... ranlib
checking for perl... /usr/bin/perl
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for unistd.h... (cached) yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking for C/C++ restrict keyword... __restrict
checking for size_t... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for uint8_t... yes
checking for stdlib.h... (cached) yes
checking for GNU libc compatible malloc... yes
checking for working memcmp... yes
checking for atexit... yes
checking for fchmod... yes
checking for getcwd... yes
checking for memset... yes
checking for strcasecmp... yes
checking for strchr... yes
checking for strdup... yes
checking for strerror... yes
checking for strncasecmp... yes
checking for strrchr... yes
checking for strstr... yes
checking for strtol... yes
configure: looking for Apache module support via DSO through APXS
configure: found apxs at /usr/bin/apxs2
configure: checking httpd version
configure: httpd is recent enough
checking for libpcre config script... /usr/bin/pcre-config
configure: using '-L/usr/lib -lpcre' for pcre Library
checking for libapr config script... /usr/bin/apr-1-config
configure: using ' -luuid -lrt -lcrypt -lpthread -ldl' for apr Library
checking for libapr-util config script... /usr/bin/apu-1-config
configure: using ' -L/usr/lib -laprutil-1' for apu Library
checking for libxml2 config script... /usr/bin/xml2-config
configure: using '-lxml2' for libxml Library
checking for pkg-config script for lua library... no
configure: optional lua library not found
checking for libcurl config script... no
configure: *** curl library not found.
configure: NOTE: curl library is only required for building mlogc
configure: creating ./config.status
config.status: creating Makefile
config.status: creating build/apxs-wrapper
config.status: creating mlogc-src/mlogc-batch-load.pl
config.status: creating t/run-unit-tests.pl
config.status: creating t/run-regression-tests.pl
config.status: creating t/gen_rx-pm.pl
config.status: creating t/csv_rx-pm.pl
config.status: creating t/regression/server_root/conf/httpd.conf
config.status: creating ../tools/rules-updater.pl
config.status: creating mlogc-src/Makefile
config.status: creating mod_security2_config.h
config.status: mod_security2_config.h is unchanged
SO?
-
06-22-2009, 09:01 AM #12Web Hosting Master
- Join Date
- Jun 2003
- Location
- World Wide Web
- Posts
- 581
Please check whether you have gcc installed on the server.
SupportExpertz.com - the name says it all!
Managed Cloud Servers
Server Management and Monitoring
24x7 outsourced customer support
-
06-22-2009, 09:02 AM #13Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
Mate thanks but check my previus post...Is it ok?
-
06-22-2009, 09:04 AM #14Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
And cause u asked :
Reading package lists... Done
Building dependency tree
Reading state information... Done
gcc is already the newest version.
gcc set to manually installed.
build-essential is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
So? with ./configure is ok?
Thanksss
-
06-22-2009, 09:12 AM #15Web Hosting Master
- Join Date
- Jun 2003
- Location
- World Wide Web
- Posts
- 581
Please check the version of gcc.
gcc -vSupportExpertz.com - the name says it all!
Managed Cloud Servers
Server Management and Monitoring
24x7 outsourced customer support
-
06-22-2009, 09:14 AM #16Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-targets=all --enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-linux-gnu
Thread model: posix
gcc version 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
Thanks
-
06-22-2009, 12:05 PM #17Web Hosting Evangelist
- Join Date
- Nov 2001
- Posts
- 468
You can install mod-security with apache2 using the following commands:
apt-get -y install libapache2-mod-security
a2enmod mod-security
and then reload apache2 for the changes to take effect:
/etc/init.d/apache2 force-reload---=== RoseHosting.com Admin ===---
Linux Server Management and Outsourced Web Hosting Support - linuxhostsupport.com
Managed Linux VPS Hosting - rosehosting.com
High Quality Linux virtual servers with lots of Guaranteed RAM and SSD space, Impeccable Service.
-
06-22-2009, 12:18 PM #18Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
error
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package libapache2-mod-security is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libapache2-mod-security has no installation candidate
Failed.Why mate?
-
06-23-2009, 01:25 AM #19Web Hosting Evangelist
- Join Date
- Nov 2001
- Posts
- 468
What version of Ubuntu you are using?
Copy and paste here the output of 'cat /etc/issue'.---=== RoseHosting.com Admin ===---
Linux Server Management and Outsourced Web Hosting Support - linuxhostsupport.com
Managed Linux VPS Hosting - rosehosting.com
High Quality Linux virtual servers with lots of Guaranteed RAM and SSD space, Impeccable Service.
-
06-23-2009, 11:31 AM #20Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
PROBLEM Mod Security
Hello, i finally made it to install modsecurity to ubuntu 8.04.
The module is loaded in apache2.conf .
BUT look the entries i made to make modsecurity to start:
LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
Include /etc/apache2/modsecurity/*.conf
Include /etc/apache2/modsecurity/optional_rules/*.conf
. . . .
Its loading fine!
The 2 last lines are for rules.BUT when going to mydomain.com/index.php?setlang=www.google.com/file.txt
it shows mysite.IT must show 505 METHOD NOT IMPLEMENT!
Also when scanning with acunetix scanner it shows my whole site.BUT IT SHOULDNT SHOW IT CAUSE I HAVE MODSECURITY.
The only thing that works is:
Apache/2.2.0 (Windows 2003 Server) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
Operating system Unknown
Thats false info cause my server i ubuntu.It means that this info has been modified by modsecurity.But nothing else works.
PLEASE HEEELLLPP
-
06-23-2009, 11:38 AM #21Web Hosting Evangelist
- Join Date
- Jan 2003
- Posts
- 512
you need to go through your modsec_audit.log and see what rule is being triggered by your site. The add an exception or remove the rule.
-
06-23-2009, 11:40 AM #22Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
my site is not protected
-
06-23-2009, 01:06 PM #23Junior Guru Wannabe
- Join Date
- May 2009
- Posts
- 51
The prob is the rules.They are not fully working or somethig like that
Similar Threads
-
Serious security issue with default postgresql install on cPanel?
By dspillettt in forum Hosting Software and Control PanelsReplies: 8Last Post: 05-08-2013, 10:43 PM -
Debian server need install and security of vhcs willing to pay
By ExobiT in forum Systems Management RequestsReplies: 2Last Post: 07-26-2008, 08:16 AM -
suggested mod security rules / install method
By Calibaba in forum Hosting Security and TechnologyReplies: 1Last Post: 02-08-2008, 06:30 AM -
!!! DO NOT INSTALL ---- RaQ550-All-Security-0.0.1-16623.pkg - problem
By cdgcommerce in forum Dedicated ServerReplies: 3Last Post: 01-13-2004, 01:07 AM -
RaQ4-All-Security-2.0.1-15959.pkg Install error
By qhasxeem in forum Dedicated ServerReplies: 1Last Post: 04-02-2003, 04:00 AM