2

I am trying to install mod_security on a server running Apache 2.4 - if I try and use:

yum install mod_security

it tells me Apache 2.2.15 is a dependency and won't install without this.

I then tried downloading mod_security and compiling it which eventually works but only after requiring httpd-devel due to a dependancy for APXS.

Due to needing to install httpd-devel, mod_security then gets installed for 2.2.15 and the modules do not appear to work with 2.4 - when I try to restart httpd I get an error:

Starting httpd: httpd: Syntax error on line 57 of /opt/httpd/conf/httpd.conf: Cannot load modules/mod_security2.so into server: /opt/httpd/modules/mod_security2.so: undefined symbol: ap_log_error

modules/mod_security2.so was copied manually from /etc/httpd/modules (Apache 2.2.15 directory).

Is there a specific install process for Apache 2.4 which does not require mixing things up by needing to install bits of 2.2?

bhttoan
  • 650
  • 3
  • 15
  • 27
  • 1
    What OS are you using? How did you install apache 2.4? – jordanm Aug 23 '16 at 20:38
  • Whoops, sorry! It is Centos 6.5 and apache was installed using yum – bhttoan Aug 23 '16 at 20:51
  • Short answer: RHEL7/CentOS7 provides RPMs for `mod_security`, but you are pretty much on your own with RHEL6/CentOS6 unless you find a third party repo to provide the package. Red Hat Software Collections provides Apache 2.4 for EL6, but does not provide `mod_security`. If you have a Red Hat subscription, you can also find a more detailed answer here: https://access.redhat.com/solutions/33595 – Stefan Lasiewski Aug 23 '16 at 20:51
  • 1
    Using yum from what repository? The default repositories do not include 2.4. – jordanm Aug 23 '16 at 20:51
  • rhel-server-rhscl-7-rpms – bhttoan Aug 24 '16 at 05:24

1 Answers1

1

It's likely you still have Apache 2.2 installed and when you configured ModSecurity it built it for 2.2.

Here's the steps I use to install ModSecurity from source based on Apache installed in /usr/local/apache2:

#Download ModSecurity
wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz
wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz.sha256

#Config checksum of download
sha256sum -c modsecurity-2.9.1.tar.gz.sha256

#Install ModSecurity:
tar -xvf modsecurity-2.9.1.tar.gz
cd modsecurity-2.9.1
./configure --with-apxs=/usr/local/apache2/bin/apxs
make
sudo make install
cp /usr/local/modsecurity/lib/mod_security2.so /usr/local/apache2/modules

Then configure it in Apache config.

Hope that helps.

Barry Pollard
  • 4,591
  • 15
  • 26