-1

I recently switched to a VPS rather than shared hosting. One of the helpful things about shared hosting was having mod_security. I noticed whenever I was trying to prevent SQL injections it's always a nice thing to add on. Anyways, I went to this site and followed the instructions for CentOS. Then I changed my configuration file to have SecEngineRule ON. I'm not sure if this was all I had to do, but I looked at a tutorial and this was all it said to do. However, after I restarted my server I went to attempt SQL injection on my site and Mod Security didn't do anything like it normally does. Can anyone help?

itzmebibin
Josh Potter

1 Answer

1

It's very likely you did not activate any rules. Also, you might have forgotten to load mod_sec, which is good in this case, as you should switch SecEngineRule ON only AFTER you have tested the config; otherwise you end up pretty fast locking your web server down too much, giving you a hard time...

Check this guide: https://www.rosehosting.com/blog/install-mod_security-with-the-owasp-core-rule-set-on-a-centos-vps/

The guide describes how to install mod_sec from source (which will give you the latest version rather than the one you got using yum with standard repos).

For the last step mentioned in the guide above: use systemctl start httpd if you are on CentOS 7, and don't forget to run systemctl enable httpd in order to make sure http is loaded after a reboot.

Another, more detailed, guide covers configuring mod_sec and (if wanted) mod_evasive. However, that guide ignores the mod_unique_id - so simply merge the two guides provided and you should be good to go.
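
A static check for the causes the answer names (module not loaded, no rules activated, mod_unique_id missing) plus the engine mode, as an added example that is not part of the original answer. It uses the directive name as ModSecurity spells it, SecRuleEngine; the function names, finding labels and the sample config tree are constructed for illustration, and `<IfModule>` conditions are not evaluated.

```shell
# Added example: static check of an Apache config tree for the ModSecurity
# pieces named in the answer. <IfModule> conditions are not evaluated.

# Print active directives of file $2, following Include/IncludeOptional
# (globs allowed; relative paths resolve against server root $1).
expand_conf() {
    while read -r key arg rest; do
        case "$key" in ''|'#'*) continue ;; esac
        case "$(printf '%s' "$key" | tr 'A-Z' 'a-z')" in
            include|includeoptional)
                case "$arg" in /*) pat=$arg ;; *) pat=$1/$arg ;; esac
                for f in $pat; do if [ -f "$f" ]; then expand_conf "$1" "$f"; fi; done ;;
            *) printf '%s %s %s\n' "$key" "$arg" "$rest" ;;
        esac
    done < "$2"
}

# Print "ok" or a space-separated list of findings for main config $2.
check_modsec() {
    conf=$(expand_conf "$1" "$2" | tr 'A-Z' 'a-z'); out=""
    has() { printf '%s\n' "$conf" | grep -q "$1"; }
    has '^loadmodule security2_module ' || out="$out module-not-loaded"
    has '^loadmodule unique_id_module ' || out="$out unique-id-not-loaded"
    # The engine defaults to Off; the last SecRuleEngine directive wins here.
    case "$(printf '%s\n' "$conf" | awk '$1=="secruleengine"{m=$2} END{print m}')" in
        on) ;;
        detectiononly) out="$out detection-only" ;;   # logs, never blocks
        *) out="$out engine-off" ;;
    esac
    has '^secrule ' || out="$out no-rules"
    out=${out# }; printf '%s\n' "${out:-ok}"
}

# Constructed sample: engine On, module loaded, but mod_unique_id and the
# rules directory are commented out. Prints the temporary server root.
make_sample() {
    root=$(mktemp -d) && mkdir "$root/conf.d" "$root/rules"
    printf '%s\n' 'LoadModule security2_module modules/mod_security2.so' \
        '# LoadModule unique_id_module modules/mod_unique_id.so' \
        'IncludeOptional conf.d/*.conf' > "$root/httpd.conf"
    printf '%s\n' '<IfModule security2_module>' '  SecRuleEngine On' \
        '  # IncludeOptional rules/*.conf' '</IfModule>' > "$root/conf.d/modsec.conf"
    echo 'SecRule ARGS "@detectSQLi" "id:1000,phase:2,deny,status:403"' > "$root/rules/sqli.conf"
    echo "$root"
}

root=$(make_sample)
check_modsec "$root" "$root/httpd.conf"
rm -rf "$root"
```

On a real server, pass the ServerRoot and main httpd.conf instead of the sample tree, and compare the result with the loaded-module list from `apachectl -M`.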