Apache mod security configure

Configuration Of Mod Security in Apache Web Server

Configuration of Mod Security is a module which provides the Web Application Firewall for your Apache server against the outside attack.

It also act as Intrusion detection tool which allowing you to reach to suspicious events which are happening on your server.

It also allows you to monitor real time HTTP traffic.

Install the Package

yum install mod_security -y

If you do not find this package in yum repository, You can add epel-repo to install this package.

Link to download Epel Repo for Redhat 7  Download

Link to download Epel Repo for Redhat 6Download

Check Out :  Hide Apache Server Name

Check module already loaded or not.

httpd -M | grep sec

Output: security2_module (shared)

Check Out : Redirect One Domain To Another Domain

File Location /etc/httpd/conf.d/mod_security.conf

Now configure with desired value :

1. On – rules activated

2. Off – rules deactivated

3. DetectionOnly – only intercepts and logs transactions

The default setting will be SecRuleEngine DetectionOnly

Changed to SecRuleEngine On

You may also setup some other parameter according to your need.

Check Out : Apache “Test a Web Page Using Name Based Virtual Hosting

Keeping This “ SecRequestBodyAccess Off “ when you need to be kept is “ On “ when the data leakage detection and protection is required otherwise it will use server resources and increase the log size.

You can also limit the maximum data that can be posted to your web application according to your need.

These are the default values defined in mod_security.conf file

SecRequestBodyLimit 13107200

SecRequestBodyNoFilesLimit 131072

SecRequestBodyInMemoryLimit 131072

After all these settings, Restart the Apache service

systemctl restart httpd

That’s it.

Leave a Reply

Notify of