Results 1 to 23 of 23
  1. #1
    Join Date
    May 2009
    Posts
    51

    MOD Security INSTALL

    Hello,

    i need to install mod security in ubuntu BUT I CANT.

    IT SAYS THERE IS NO PACKAGE etc.


    What commands to use?

    Please help

    Ubuntu 8.04

  2. #2
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Do you have any control panel on your server?

    what version of apache/http server you have on the server?
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  3. #3
    Join Date
    May 2009
    Posts
    51

    ok

    Hello mate,

    im using plesk in ubuntu 8.04 apache 2.2.8 !

    Please help.

    Thanks

  4. #4
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    you need to download modsecurity package at

    http://www.modsecurity.org/download/

    cd /etc/apache2
    wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz
    tar -xzvf modsec*
    cd modsec*
    cd apache2
    apxs -cia mod_security.c
    apachectl stop
    apachectl start
    You need to update the modsecurity rules
    in /etc/apache2/Includes/modsecurity.conf.

    You can get rule sets from http://www.gotroot.com


    You can either add the rules directly to the above mentioned modsecurity.conf file or you can specify the rules in seperate files and then include the file names in the above file.


    Please be careful while using modsecurity as certain rules can break functioning of certain sites.

    Make sure that you read the instructions available in INSTALL or README files.
    Last edited by supportexpertz; 06-22-2009 at 07:48 AM.
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  5. #5
    Join Date
    May 2009
    Posts
    51
    i will try it in a min.

    Thanks mate.i WILL inform u if it works.THANKSSS

  6. #6
    Join Date
    May 2009
    Posts
    51
    Mate help.Im trying to do apxs -cia mod_security.c but says apxs command not found..

    Means?Please

  7. #7
    You need to install apxs - which is required to built modules for apache.

    Code:
    apt-get install apache2-threaded-dev

  8. #8
    Join Date
    May 2009
    Posts
    51
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    apache2-threaded-dev is already the newest version.
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.



    And then: i put apxs -cia mod_security.c


    and: -bash: apxs: command not found


    WHY?damn

  9. #9
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Try apxs2

    10 chars
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  10. #10
    Join Date
    May 2009
    Posts
    51
    it seems it workded with apsx2 BUIT
    look at output:


    /usr/share/apr-1.0/build/libtool --silent --mode=compile --tag=disable-static i486-linux-gnu-gcc -prefer-pic -DLINUX=2 -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -D_REENTRANT -I/usr/include/apr-1.0 -I/usr/include/openssl -I/usr/include/postgresql -I/usr/include/xmltok -pthread -I/usr/include/apache2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include/postgresql -c -o mod_security.lo mod_security.c && touch mod_security.slo
    i486-linux-gnu-gcc: mod_security.c: No such file or directory
    i486-linux-gnu-gcc: no input files
    apxs:Error: Command failed with rc=65536
    .


    Means?Pfff Help

  11. #11
    Join Date
    May 2009
    Posts
    51
    Wait.When doing

    cd /etc/apache2
    wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz
    tar -xzvf modsec*
    cd modsec*
    cd apache2

    and then pressing ls i see there is a configure file.

    Then i run ./configure and:



    checking for g++... g++
    checking for C++ compiler default output file name... a.out
    checking whether the C++ compiler works... yes
    checking whether we are cross compiling... no
    checking for suffix of executables...
    checking for suffix of object files... o
    checking whether we are using the GNU C++ compiler... yes
    checking whether g++ accepts -g... yes
    checking for gcc... gcc
    checking whether we are using the GNU C compiler... yes
    checking whether gcc accepts -g... yes
    checking for gcc option to accept ISO C89... none needed
    checking how to run the C preprocessor... gcc -E
    checking for a BSD-compatible install... /usr/bin/install -c
    checking whether ln -s works... yes
    checking whether make sets $(MAKE)... yes
    checking for ranlib... ranlib
    checking for perl... /usr/bin/perl
    checking for grep that handles long lines and -e... /bin/grep
    checking for egrep... /bin/grep -E
    checking for ANSI C header files... yes
    checking for sys/types.h... yes
    checking for sys/stat.h... yes
    checking for stdlib.h... yes
    checking for string.h... yes
    checking for memory.h... yes
    checking for strings.h... yes
    checking for inttypes.h... yes
    checking for stdint.h... yes
    checking for unistd.h... yes
    checking fcntl.h usability... yes
    checking fcntl.h presence... yes
    checking for fcntl.h... yes
    checking limits.h usability... yes
    checking limits.h presence... yes
    checking for limits.h... yes
    checking for stdlib.h... (cached) yes
    checking for string.h... (cached) yes
    checking for unistd.h... (cached) yes
    checking for an ANSI C-conforming const... yes
    checking for inline... inline
    checking for C/C++ restrict keyword... __restrict
    checking for size_t... yes
    checking whether struct tm is in sys/time.h or time.h... time.h
    checking for uint8_t... yes
    checking for stdlib.h... (cached) yes
    checking for GNU libc compatible malloc... yes
    checking for working memcmp... yes
    checking for atexit... yes
    checking for fchmod... yes
    checking for getcwd... yes
    checking for memset... yes
    checking for strcasecmp... yes
    checking for strchr... yes
    checking for strdup... yes
    checking for strerror... yes
    checking for strncasecmp... yes
    checking for strrchr... yes
    checking for strstr... yes
    checking for strtol... yes
    configure: looking for Apache module support via DSO through APXS
    configure: found apxs at /usr/bin/apxs2
    configure: checking httpd version
    configure: httpd is recent enough
    checking for libpcre config script... /usr/bin/pcre-config
    configure: using '-L/usr/lib -lpcre' for pcre Library
    checking for libapr config script... /usr/bin/apr-1-config
    configure: using ' -luuid -lrt -lcrypt -lpthread -ldl' for apr Library
    checking for libapr-util config script... /usr/bin/apu-1-config
    configure: using ' -L/usr/lib -laprutil-1' for apu Library
    checking for libxml2 config script... /usr/bin/xml2-config
    configure: using '-lxml2' for libxml Library
    checking for pkg-config script for lua library... no
    configure: optional lua library not found
    checking for libcurl config script... no
    configure: *** curl library not found.
    configure: NOTE: curl library is only required for building mlogc
    configure: creating ./config.status
    config.status: creating Makefile
    config.status: creating build/apxs-wrapper
    config.status: creating mlogc-src/mlogc-batch-load.pl
    config.status: creating t/run-unit-tests.pl
    config.status: creating t/run-regression-tests.pl
    config.status: creating t/gen_rx-pm.pl
    config.status: creating t/csv_rx-pm.pl
    config.status: creating t/regression/server_root/conf/httpd.conf
    config.status: creating ../tools/rules-updater.pl
    config.status: creating mlogc-src/Makefile
    config.status: creating mod_security2_config.h
    config.status: mod_security2_config.h is unchanged


    SO?

  12. #12
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Please check whether you have gcc installed on the server.
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  13. #13
    Join Date
    May 2009
    Posts
    51
    Mate thanks but check my previus post...Is it ok?

  14. #14
    Join Date
    May 2009
    Posts
    51
    And cause u asked :

    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    gcc is already the newest version.
    gcc set to manually installed.
    build-essential is already the newest version.
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.


    So? with ./configure is ok?

    Thanksss

  15. #15
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Please check the version of gcc.

    gcc -v
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  16. #16
    Join Date
    May 2009
    Posts
    51
    Using built-in specs.
    Target: i486-linux-gnu
    Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-targets=all --enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-linux-gnu
    Thread model: posix
    gcc version 4.2.4 (Ubuntu 4.2.4-1ubuntu4)


    Thanks

  17. #17
    You can install mod-security with apache2 using the following commands:

    apt-get -y install libapache2-mod-security
    a2enmod mod-security

    and then reload apache2 for the changes to take effect:

    /etc/init.d/apache2 force-reload
    ---=== RoseHosting.com Admin ===---
    Linux Server Management and Outsourced Web Hosting Support - linuxhostsupport.com
    Managed Linux VPS Hosting - rosehosting.com
    High Quality Linux virtual servers with lots of Guaranteed RAM and SSD space, Impeccable Service.

  18. #18
    Join Date
    May 2009
    Posts
    51

    error

    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Package libapache2-mod-security is not available, but is referred to by another package.
    This may mean that the package is missing, has been obsoleted, or
    is only available from another source
    E: Package libapache2-mod-security has no installation candidate



    Failed.Why mate?

  19. #19
    What version of Ubuntu you are using?

    Copy and paste here the output of 'cat /etc/issue'.
    ---=== RoseHosting.com Admin ===---
    Linux Server Management and Outsourced Web Hosting Support - linuxhostsupport.com
    Managed Linux VPS Hosting - rosehosting.com
    High Quality Linux virtual servers with lots of Guaranteed RAM and SSD space, Impeccable Service.

  20. #20
    Join Date
    May 2009
    Posts
    51

    PROBLEM Mod Security

    Hello, i finally made it to install modsecurity to ubuntu 8.04.


    The module is loaded in apache2.conf .

    BUT look the entries i made to make modsecurity to start:


    LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so

    Include /etc/apache2/modsecurity/*.conf

    Include /etc/apache2/modsecurity/optional_rules/*.conf
    . . . .


    Its loading fine!

    The 2 last lines are for rules.BUT when going to mydomain.com/index.php?setlang=www.google.com/file.txt

    it shows mysite.IT must show 505 METHOD NOT IMPLEMENT!

    Also when scanning with acunetix scanner it shows my whole site.BUT IT SHOULDNT SHOW IT CAUSE I HAVE MODSECURITY.

    The only thing that works is:

    Apache/2.2.0 (Windows 2003 Server) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
    Operating system Unknown


    Thats false info cause my server i ubuntu.It means that this info has been modified by modsecurity.But nothing else works.



    PLEASE HEEELLLPP

  21. #21
    you need to go through your modsec_audit.log and see what rule is being triggered by your site. The add an exception or remove the rule.
    cPanel Hosting
    Site5.com - Best support in the hosting business!

  22. #22
    Join Date
    May 2009
    Posts
    51
    my site is not protected

  23. #23
    Join Date
    May 2009
    Posts
    51
    The prob is the rules.They are not fully working or somethig like that

Similar Threads

  1. Serious security issue with default postgresql install on cPanel?
    By dspillettt in forum Hosting Software and Control Panels
    Replies: 8
    Last Post: 05-08-2013, 10:43 PM
  2. Debian server need install and security of vhcs willing to pay
    By ExobiT in forum Systems Management Requests
    Replies: 2
    Last Post: 07-26-2008, 08:16 AM
  3. suggested mod security rules / install method
    By Calibaba in forum Hosting Security and Technology
    Replies: 1
    Last Post: 02-08-2008, 06:30 AM
  4. Replies: 3
    Last Post: 01-13-2004, 01:07 AM
  5. RaQ4-All-Security-2.0.1-15959.pkg Install error
    By qhasxeem in forum Dedicated Server
    Replies: 1
    Last Post: 04-02-2003, 04:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •