Must install libxml2 before starting
# wget http://xmlsoft.org/sources/libxml2-2.9.2.tar.gz
# tar xzvf libxml2-2.9.2.tar.gz
# cd libxml2-2.9.2
# ./configure
# make
# make install
# yum install automake && pcre-devel && apr-devel && curl-devel && libxml2-devel
# wget https://www.modsecurity.org/tarball/2.9.0/modsecurity-2.9.0.tar.gz
# tar zxvf modsecurity-2.9.0.tar.gz
# cd modsecurity-2.9.0/
#./configure --with-apxs=/hsphere/shared/apache2/bin/apxs --with-apr=/hsphere/shared/apache2/bin/apr-1-config --with-apu=/hsphere/shared/apache2/bin/apu-1-config
# make
# make install
# mv /hsphere/shared/apache2/modules/mod_security2.so /hsphere/shared/apache2/modules/mod_security2.so.back
# cp /usr/local/modsecurity/lib/mod_security2.so /hsphere/shared/apache2/modules/
# nano /hsphere/local/config/httpd2/httpd.conf
add
# LoadFile /root/libxml2-2.9.2/.libs/libxml2.so
# cp /hsphere/local/config/httpd2/httpd.conf.tmpl.custom
Now download the last rules:
https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
# tar zxvf SpiderLabs-owasp-modsecurity-crs-2.2.9-17-g60c8bc9.tar.gz
# mv SpiderLabs-owasp-modsecurity-crs-2.2.9-17-g60c8bc9 /hsphere/local/config/httpd2/
Now we configure hsphere apache work with new rules
# nano /hsphere/local/config/httpd2/httpd.conf.tmpl.custom
make it look like:
#Include /hsphere/local/config/httpd2/modsecurity-core-rules/*.conf
Include /hsphere/local/config/httpd2/SpiderLabs-owasp-modsecurity-crs-g60c8bc9/base_rules/*.conf
Include /hsphere/local/config/httpd2/extra/httpd-security2.conf
Include /hsphere/local/config/httpd2/gotrootrules2/*.conf
Include /hsphere/local/config/httpd2/extra/httpd-exclude-secrules2.conf
# /etc/init.d/httpd restart
Now we done :)
================Troubleshooting=====================
if error
configure: *** pcre library not found.
# yum install pcre-devel
if error
configure: *** apr library not found.
yum install apr-devel
if error
configure: *** curl library not found.
# yum install curl-devel
if error
configure: *** apu library not found.
# yum install apr-util-devel
if error
configure: *** xml library not found
# yum install libxml2-devel
# yum install automake
Must install libxml2 before starting
# wget http://xmlsoft.org/sources/libxml2-2.9.2.tar.gz
# tar xzvf libxml2-2.9.2.tar.gz
# cd libxml2-2.9.2
# ./configure
# make
# make install
# wget http://xmlsoft.org/sources/libxml2-2.9.2.tar.gz
# tar xzvf libxml2-2.9.2.tar.gz
# cd libxml2-2.9.2
# ./configure
# make
# make install
# yum install automake && pcre-devel && apr-devel && curl-devel && libxml2-devel
# wget https://www.modsecurity.org/tarball/2.9.0/modsecurity-2.9.0.tar.gz
# tar zxvf modsecurity-2.9.0.tar.gz
# cd modsecurity-2.9.0/
#./configure --with-apxs=/hsphere/shared/apache2/bin/apxs --with-apr=/hsphere/shared/apache2/bin/apr-1-config --with-apu=/hsphere/shared/apache2/bin/apu-1-config
# make
# make install
# mv /hsphere/shared/apache2/modules/mod_security2.so /hsphere/shared/apache2/modules/mod_security2.so.back
# cp /usr/local/modsecurity/lib/mod_security2.so /hsphere/shared/apache2/modules/
# tar zxvf modsecurity-2.9.0.tar.gz
# cd modsecurity-2.9.0/
#./configure --with-apxs=/hsphere/shared/apache2/bin/apxs --with-apr=/hsphere/shared/apache2/bin/apr-1-config --with-apu=/hsphere/shared/apache2/bin/apu-1-config
# make
# make install
# mv /hsphere/shared/apache2/modules/mod_security2.so /hsphere/shared/apache2/modules/mod_security2.so.back
# cp /usr/local/modsecurity/lib/mod_security2.so /hsphere/shared/apache2/modules/
# nano /hsphere/local/config/httpd2/httpd.conf
add
# LoadFile /root/libxml2-2.9.2/.libs/libxml2.so
add
# LoadFile /root/libxml2-2.9.2/.libs/libxml2.so
# cp /hsphere/local/config/httpd2/httpd.conf.tmpl.custom
Now download the last rules:
https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
# tar zxvf SpiderLabs-owasp-modsecurity-crs-2.2.9-17-g60c8bc9.tar.gz
# mv SpiderLabs-owasp-modsecurity-crs-2.2.9-17-g60c8bc9 /hsphere/local/config/httpd2/
# mv SpiderLabs-owasp-modsecurity-crs-2.2.9-17-g60c8bc9 /hsphere/local/config/httpd2/
Now we configure hsphere apache work with new rules
# nano /hsphere/local/config/httpd2/httpd.conf.tmpl.custom
make it look like:
# nano /hsphere/local/config/httpd2/httpd.conf.tmpl.custom
make it look like:
#Include /hsphere/local/config/httpd2/modsecurity-core-rules/*.conf
Include /hsphere/local/config/httpd2/SpiderLabs-owasp-modsecurity-crs-g60c8bc9/base_rules/*.conf
Include /hsphere/local/config/httpd2/extra/httpd-security2.conf
Include /hsphere/local/config/httpd2/gotrootrules2/*.conf
Include /hsphere/local/config/httpd2/extra/httpd-exclude-secrules2.conf
# /etc/init.d/httpd restart
Now we done :)
================Troubleshooting=====================
if error
configure: *** pcre library not found.
# yum install pcre-devel
if error
configure: *** pcre library not found.
# yum install pcre-devel
if error
configure: *** apr library not found.
yum install apr-devel
configure: *** apr library not found.
yum install apr-devel
if error
configure: *** curl library not found.
# yum install curl-devel
configure: *** curl library not found.
# yum install curl-devel
if error
configure: *** apu library not found.
# yum install apr-util-devel
configure: *** apu library not found.
# yum install apr-util-devel
if error
configure: *** xml library not found
# yum install libxml2-devel
configure: *** xml library not found
# yum install libxml2-devel
# yum install automake
No comments:
Post a Comment