ModSecurity Debian 8


ModSecurity Debian 8

lannoun@runbox.com
Hi,
I have spent about 2 days trying to understand how to set up mod-security
on my web server.

I choose to rely on packages in the official repo, so if possible I
will not compile packages.

Is it correct to say that I can't have mod-security in nginx?
Is mod-security only available in apache2?

Then I'm looking for some instructions about installing. There is a lot
of outdated material and it is difficult to learn the right stuff.


Here is what I have typed:


apt-get install libcurl3-gnutls liblua5.1-0 libxml2
apt-get install libapache2-mod-security2
apt-get install modsecurity-crs
sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sudo nano /etc/modsecurity/modsecurity.conf


I have turned on the option SecRuleEngine

git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git


Now... my questions are:

1) Where do I have to put the rules?
2) Which other config files do I have to edit?
3) How do I enable modsecurity on my website?
4) Do you have a sample config file to share?


Thanks a lot for your help.

Anders. LA.
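
The step "I have turned on the option SecRuleEngine" can be checked from the shell. The following is an added example, not part of the original post: it reports the effective SecRuleEngine mode of a ModSecurity config file, because the packaged modsecurity.conf-recommended ships with SecRuleEngine DetectionOnly, which logs matches but does not block. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the effective SecRuleEngine mode of a ModSecurity config.

# Print the value of the last uncommented SecRuleEngine directive in file $1
# (a later directive overrides an earlier one); print "unset" if there is none.
secrule_engine_mode() {
    awk '
        $1 ~ /^#/ { next }                     # skip commented-out lines
        tolower($1) == "secruleengine" {       # directive names are case-insensitive
            mode = $2; gsub(/"/, "", mode)     # tolerate a quoted value
        }
        END { print (mode == "" ? "unset" : mode) }
    ' "$1"
}

# Return 0 only when the engine is set to On, i.e. rules can actually block.
modsec_is_blocking() {
    mode=$(secrule_engine_mode "$1" | tr '[:upper:]' '[:lower:]')
    case "$mode" in
        on)            return 0 ;;
        detectiononly) echo "$1: DetectionOnly, rules log but do not block" >&2 ;;
        off)           echo "$1: rule engine is Off" >&2 ;;
        *)             echo "$1: no SecRuleEngine directive found" >&2 ;;
    esac
    return 1
}

# Constructed sample input, shaped like the start of modsecurity.conf-recommended.
sample_conf() {
    cat <<'EOF'
# -- Rule engine initialization --
# SecRuleEngine On
SecRuleEngine DetectionOnly
SecRequestBodyAccess On
EOF
}

# Usage: sh check_modsec.sh /etc/modsecurity/modsecurity.conf
if [ "$#" -gt 0 ]; then
    modsec_is_blocking "$1" && echo "$1: SecRuleEngine On (blocking)"
fi
```
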


Re: ModSecurity Debian 8

Krzysztof Kokot
Hi, 

I can't help you a lot, in fact the only thing I can do is recommend you this article: https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_security-with-apache-on-debian-ubuntu. It works for me.

Cheers,
Krzysztof Kokot



Re: ModSecurity Debian 8

Alberto Gonzalez Iniesta
In reply to this post by lannoun@runbox.com
On Mon, Mar 20, 2017 at 07:52:56PM +0100, [hidden email] wrote:

> Hi,
> I have spent about 2 days trying to understand how to set up mod-security on
> my web server.
>
> I choose to rely on packages in the official repo, so if possible I will
> not compile packages.
>
> Is it correct to say that I can't have mod-security in nginx?
> Is mod-security only available in apache2?
>
> Then I'm looking for some instructions about installing. There is a lot of
> outdated material and it is difficult to learn the right stuff.
>
>
> Here is what I have typed:
>
>
> apt-get install libcurl3-gnutls liblua5.1-0 libxml2
> apt-get install libapache2-mod-security2
> apt-get install modsecurity-crs
> sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
> sudo nano /etc/modsecurity/modsecurity.conf
>
>
> I have turned on the option SecRuleEngine
>
> git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
>
>
> Now... my questions are:
>
> 1) Where do I have to put the rules?
> 2) Which other config files do I have to edit?
> 3) How do I enable modsecurity on my website?
> 4) Do you have a sample config file to share?
>

Hi there,

Debian's modsecurity packages will only work with Apache. In order to
get modsecurity to work with nginx you'll have to re-compile nginx and
modsecurity. This may help you:
https://www.howtoforge.com/tutorial/install-nginx-with-mod_security-on-ubuntu-15-04/

Regards,

Alberto


--
Alberto Gonzalez Iniesta    | Training, consulting and technical support
mailto/sip: [hidden email] | for GNU/Linux and free software
Encrypted mail preferred    | http://inittab.com

Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55


Re: ModSecurity Debian 8

Casper Madsen
In reply to this post by lannoun@runbox.com
Hi Anders.

If you are using nginx take a look at naxsi.

Best regards
Casper



Re: ModSecurity Debian 8

Richard Waterbeek
In reply to this post by Krzysztof Kokot
Mod-security,

[opinioned]

"Blocks certain words that are normal. Decision to depend on it, depends on what your Apache server, serves. I run a forum that sometimes has over ten spambots at once. Running without that piece of art"

However, few, but not so few, 'no likey-likey' Mod security, and I regret remembering their bias.

Sorry, I can't tell much more than that. Responses to this post I deem 'friendly' [my post that is, not so friendly responses, I have a thick skin], might trigger my mind. [or won't]

[/opinioned]

--
Richard W.
The Netherlands

Krzysztof Kokot wrote on Mon 20-03-2017 at 23:03 [+0100]:
Hi, 


I can't help you a lot, in fact the only thing I can do is recommend you this article: https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_security-with-apache-on-debian-ubuntu. It works for me.


Cheers,
Krzysztof Kokot




