Posted by ncntnb, 06-22-2009, 04:40 AM | Hello,
i need to install mod security in ubuntu BUT I CANT.
IT SAYS THERE IS NO PACKAGE etc.
What commands to use?
Please help
Ubuntu 8.04
|
Posted by supportexpertz, 06-22-2009, 07:21 AM | Do you have any control panel on your server?
what version of apache/http server you have on the server?
|
Posted by ncntnb, 06-22-2009, 07:24 AM | Hello mate,
im using plesk in ubuntu 8.04 apache 2.2.8 !
Please help.
Thanks
|
Posted by supportexpertz, 06-22-2009, 07:43 AM | you need to download modsecurity package at
http://www.modsecurity.org/download/
You need to update the modsecurity rules
in /etc/apache2/Includes/modsecurity.conf.
You can get rule sets from http://www.gotroot.com
You can either add the rules directly to the above mentioned modsecurity.conf file or you can specify the rules in seperate files and then include the file names in the above file.
Please be careful while using modsecurity as particular rules can break functioning of particular sites.
Make sure that you read the instructions available in INSTALL or README files.
Last edited by supportexpertz; 06-22-2009 at 07:48 AM.
|
Posted by ncntnb, 06-22-2009, 07:51 AM | i will try it in a min.
Thanks mate.i WILL inform u if it works.THANKSSS
|
Posted by ncntnb, 06-22-2009, 08:29 AM | Mate help.Im trying to do apxs -cia mod_security.c but says apxs command not found..
Means?Please
|
Posted by Gary4gar, 06-22-2009, 08:33 AM | You need to install apxs - which is required to built modules for apache.
|
Posted by ncntnb, 06-22-2009, 08:37 AM | Reading package lists... Done
Building dependency tree
Reading state information... Done
apache2-threaded-dev is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
And then: i put apxs -cia mod_security.c
and: -bash: apxs: command not found
WHY?damn
|
Posted by foobic, 06-22-2009, 08:44 AM | Try apxs2
10 chars
|
Posted by ncntnb, 06-22-2009, 08:48 AM | it seems it workded with apsx2 BUIT
look at output:
/usr/share/apr-1.0/build/libtool --silent --mode=compile --tag=disable-static i486-linux-gnu-gcc -prefer-pic -DLINUX=2 -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -D_REENTRANT -I/usr/include/apr-1.0 -I/usr/include/openssl -I/usr/include/postgresql -I/usr/include/xmltok -pthread -I/usr/include/apache2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include/postgresql -c -o mod_security.lo mod_security.c && touch mod_security.slo
i486-linux-gnu-gcc: mod_security.c: No such file or directory
i486-linux-gnu-gcc: no input files
apxs:Error: Command failed with rc=65536
.
Means?Pfff Help
|
Posted by ncntnb, 06-22-2009, 09:00 AM | Wait.When doing
cd /etc/apache2
wget http://www.modsecurity.org/download/...e_2.5.9.tar.gz
tar -xzvf modsec*
cd modsec*
cd apache2
and then pressing ls i see there is a configure file.
Then i run ./configure and:
checking for g++... g++
checking for C++ compiler default output file name... a.out
checking whether the C++ compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking for gcc... gcc
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... /usr/bin/install -c
checking whether ln -s works... yes
checking whether make sets $(MAKE)... yes
checking for ranlib... ranlib
checking for perl... /usr/bin/perl
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for unistd.h... (cached) yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking for C/C++ restrict keyword... __restrict
checking for size_t... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for uint8_t... yes
checking for stdlib.h... (cached) yes
checking for GNU libc compatible malloc... yes
checking for working memcmp... yes
checking for atexit... yes
checking for fchmod... yes
checking for getcwd... yes
checking for memset... yes
checking for strcasecmp... yes
checking for strchr... yes
checking for strdup... yes
checking for strerror... yes
checking for strncasecmp... yes
checking for strrchr... yes
checking for strstr... yes
checking for strtol... yes
configure: looking for Apache module support via DSO through APXS
configure: found apxs at /usr/bin/apxs2
configure: checking httpd version
configure: httpd is recent enough
checking for libpcre config script... /usr/bin/pcre-config
configure: using '-L/usr/lib -lpcre' for pcre Library
checking for libapr config script... /usr/bin/apr-1-config
configure: using ' -luuid -lrt -lcrypt -lpthread -ldl' for apr Library
checking for libapr-util config script... /usr/bin/apu-1-config
configure: using ' -L/usr/lib -laprutil-1' for apu Library
checking for libxml2 config script... /usr/bin/xml2-config
configure: using '-lxml2' for libxml Library
checking for pkg-config script for lua library... no
configure: optional lua library not found
checking for libcurl config script... no
configure: *** curl library not found.
configure: NOTE: curl library is only required for building mlogc
configure: creating ./config.status
config.status: creating Makefile
config.status: creating build/apxs-wrapper
config.status: creating mlogc-src/mlogc-batch-load.pl
config.status: creating t/run-unit-tests.pl
config.status: creating t/run-regression-tests.pl
config.status: creating t/gen_rx-pm.pl
config.status: creating t/csv_rx-pm.pl
config.status: creating t/regression/server_root/conf/httpd.conf
config.status: creating ../tools/rules-updater.pl
config.status: creating mlogc-src/Makefile
config.status: creating mod_security2_config.h
config.status: mod_security2_config.h is unchanged
SO?
|
Posted by supportexpertz, 06-22-2009, 09:01 AM | Please check whether you have gcc installed on the server.
|
Posted by ncntnb, 06-22-2009, 09:02 AM | Mate thanks but check my previus post...Is it ok?
|
Posted by ncntnb, 06-22-2009, 09:04 AM | And cause u asked :
Reading package lists... Done
Building dependency tree
Reading state information... Done
gcc is already the newest version.
gcc set to manually installed.
build-essential is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
So? with ./configure is ok?
Thanksss
|
Posted by supportexpertz, 06-22-2009, 09:12 AM | Please check the version of gcc.
|
Posted by ncntnb, 06-22-2009, 09:14 AM | Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-targets=all --enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-linux-gnu
Thread model: posix
gcc version 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
Thanks
|
Posted by RoseHosting, 06-22-2009, 12:05 PM | You can install mod-security with apache2 using the following commands:
apt-get -y install libapache2-mod-security
a2enmod mod-security
and then reload apache2 for the changes to take effect:
/etc/init.d/apache2 force-reload
|
Posted by ncntnb, 06-22-2009, 12:18 PM | Reading package lists... Done
Building dependency tree
Reading state information... Done
Package libapache2-mod-security is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libapache2-mod-security has no installation candidate
Failed.Why mate?
|
Posted by RoseHosting, 06-23-2009, 01:25 AM | What version of Ubuntu you are using?
Copy and paste here the output of 'cat /etc/issue'.
|
Posted by ncntnb, 06-23-2009, 11:31 AM | Hello, i finally made it to install modsecurity to ubuntu 8.04.
The module is loaded in apache2.conf .
BUT look the entries i made to make modsecurity to start:
LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
Include /etc/apache2/modsecurity/*.conf
Include /etc/apache2/modsecurity/optional_rules/*.conf
. . . .
Its loading fine!
The 2 last lines are for rules.BUT when going to mydomain.com/index.php?setlang=www.google.com/file.txt
it shows mysite.IT must show 505 METHOD NOT IMPLEMENT!
Also when scanning with acunetix scanner it shows my whole site.BUT IT SHOULDNT SHOW IT CAUSE I HAVE MODSECURITY.
The only thing that works is:
Apache/2.2.0 (Windows 2003 Server) PHP/5.2.4-2ubuntu5.6 with Suhosin-Patch
Operating system Unknown
Thats false info cause my server i ubuntu.It means that this info has been modified by modsecurity.But nothing else works.
PLEASE HEEELLLPP
|
Posted by jphilipson, 06-23-2009, 11:38 AM | you need to go through your modsec_audit.log and see what rule is being triggered by your site. The add an exception or remove the rule.
|
Posted by ncntnb, 06-23-2009, 11:40 AM | my site is not protected
|
Posted by ncntnb, 06-23-2009, 01:06 PM | The prob is the rules.They are not fully working or somethig like that
|
|
Add to Favourites
Print this Article |