0

I'm using Webuzo on my first unmanaged VPS (CentOS 6.4,OpenVZ). I tried to install Mod_Security following this guide. I installed Modsecurity-apache_2.6.6 but there's a problem in Step3 that prevents me from installing OWASP Mod_Security Core Rule Set

wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz

The Download address has been removed. So I found another guide for the rule set but I can't get this command to work

git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git

It returns "-bash: git: command not found"

What command should I use to get OWASP CRS?

Also, I suspect the mod_security installation is incomplete since httpd server is unable to restart after installing modsecurity. Here's the configuration error:

[root@xx ~]# httpd -t Syntax error on line 7 of /etc/httpd/conf.d/modsecurity.conf: Invalid command 'SecRuleEngine', perhaps misspelled or defined by a module not included in the server configuration

Should I uninstall Mod_Secuirty first since everything seems to have become a mess now?

Any help is appreciated.

RedGiant
  • 4,444
  • 11
  • 59
  • 146

2 Answers2

1

The apache binary in case of Webuzo is located at /usr/local/apps/apache and the modules are located at /usr/local/apps/apache/modules/lib. Also the apache configurations in case of Webuzo are located at /usr/local/apps/apache/etc/ and /usr/local/apps/apache/etc/conf.d/

It seems you are trying to compile mod_security at an inappropriate location.

Valerian Pereira
  • 725
  • 1
  • 6
  • 16
0

As you are having error with modsecurity.conf, I wonder whether you have followed the step

Step 4: Configuring Mod_Security

In the guide you have followed.

"-bash: git: command not found"

This error can be resolved by installing the package that includes git. try

yum install git-core -y

Both guide1 and guide2 are good to install mod_sec and follow any one. :)

Leo Prince
  • 2,019
  • 26
  • 29
  • Thank you Leo. Something seems to prevent me from retarting httpd. I want to start everything again from the zero. How can I uninstall the files first? I've installed two different mod security files ([root@ee ModSecurity] and [modsecurity-apache_2.6.6]) from guide 1 and 2 and downloaded the security core [modsecurity-crs]. – RedGiant Aug 04 '13 at 18:16
  • Go through the guide 1 and 2 and you have to manually revert all the changes. did you followed the step four in the guide 1. try "grep -i security2_module /etc.httpd/conf/httpd.conf" Are you having any control panels? – Leo Prince Aug 04 '13 at 18:21
  • Yes, after editing the httpd.conf. I entered /etc/init.d/httpd restart in different locations but nothing happens. Is this normal? - [root@ee modsecurity-crs]# vi /etc/httpd/conf/httpd.conf - [root@ee modsecurity-crs]# /etc/init.d/httpd restart - [root@ee modsecurity-crs]# cd - [root@ee ~]# /etc/init.d/httpd restart – RedGiant Aug 04 '13 at 18:30
  • Yes, I'm using Webuzo – RedGiant Aug 04 '13 at 18:38
  • Here's the result: 1.I entered: [root@ee ~]# grep -i security2_module /etc.httpd/conf/httpd.conf 2.It returned: grep: /etc.httpd/conf/httpd.conf: No such file or directory – RedGiant Aug 04 '13 at 18:40
  • After following step 4 in guide 1, when I ran httpd -t, the new error is this: Syntax error on line 1011 of /etc/httpd/conf/httpd.conf: Could not open configuration file /etc/httpd/modsecurity-apache/modsecurity.conf: No such file or directory – RedGiant Aug 04 '13 at 19:08