4

Greetings Serverfaultians. I'm not a server guy as you can see from my noob score of 1 point. But maybe those more versed can help me.

I'm using Ubuntu v13.10 32-bit Server and Apache2 v2.4.6 and I'm trying to set up and configure modsecurity and modevasive on an internet-exposed production/test server. I am trying to follow this tutorial: http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server.

But at step 3:

Now add these rules to Apache2. Open a terminal window and enter:

sudo vi /etc/apache2/mods-available/mod-security.conf

This file does not exist. Any suggestions?

James
  • 185
  • 1
  • 7
  • If the file doesn't exist then you need to contact the author of the tutorial and get them to fix it. – user9517 Jun 10 '14 at 21:11
  • Try going back to step 1. Sounds like you skipped it. – Michael Hampton Jun 10 '14 at 21:11
  • Don't know if you guys are being facetious--I followed all the steps. Anyway I tried to comment on that blog, but am getting 404 errors. Nevertheless, I may have found the solution in another answer. – James Jun 10 '14 at 21:16

2 Answers2

4

Probably you're using Ubuntu 14.04. there are a couple of changes on that version. To add the rules you want, edit the following file instead:

sudo vi /etc/apache/mods-enabled/security2.conf
user225752
  • 56
  • 1
0

The answer was found on stackoverflow. Strange place for a server question. Regardless, it may help others: Trying to setup mod-security but mod-security.conf is missing

The file is named /etc/apache2/mods-available/security2.conf and it is enabled by default after modsecurity install.

# make changes to security2.conf
a2dismod security2
a2enmod security2
service apache2 restart

Similarly, modevasive is now /etc/apache2/mods-available/evasive.conf.

Community
  • 1
James
  • 185
  • 1
  • 7