Current time: 11-22-2024, 08:12 PM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo] mod-security2 en apache2
Author Message
shiizpa Offline
Junior Member
*

Posts: 69
Joined: Mar 2009
Reputation: 2
Post: #1
[HowTo] mod-security2 en apache2
ModSecurity es un módulo de Apache que proporciona detección de intrusos y la prevención de las aplicaciones web. Su objetivo es la protección de aplicaciones web de ataques conocidos y desconocidos, tales como ataques de inyección SQL, cross-site scripting, ataques vía transversal, etc.

Antes en las Response Headers
Code:
Server: apache2.11(debian) mod_fastcgi/2.4.6

Ahora
Code:
Server: Microsoft-IIS/7.0 mod_fastcgi/2.4.6

1. Agragamos las source segun nuestra distribucion de debian
Code:
nano /etc/apt/sources.list

PHP Code:
#Packages for Sid:
deb http://etc.inittab.org/~agi/debian/libapache-mod-security2 ./

#Packages for Etch are in etch/
deb http://etc.inittab.org/~agi/debian/libapache-mod-security2/etch ./

#Packages for Sarge (apache2.0) are in sarge/
deb http://etc.inittab.org/~agi/debian/libapache-mod-security2/sarge ./ 

2. Actualizamos las listas
Code:
apt-get update

3.Instalamos el mod
Code:
apt-get install libapache2-mod-security2

4.Configuración
Code:
nano /etc/apache2/apache2.conf

Agregamos esto al final de apache2.con antes de "# Include the virtual host configurations:"

PHP Code:
[...]
ServerTokens Full
SecServerSignature 
"Microsoft-IIS/5.0" #Pueden colocar cualquir nombre aca 
<IfModule mod_security2.c>
    
# Basic configuration options
    
SecRuleEngine On
    SecRequestBodyAccess On
    SecResponseBodyAccess Off

    
# Handling of file uploads
    # TODO Choose a folder private to Apache.
    # SecUploadDir /opt/apache-frontend/tmp/
    
SecUploadKeepFiles Off

    
# Debug log
    
SecDebugLog /var/log/apache2/modsec_debug.log
    SecDebugLogLevel 0

    
# Serial audit log
    
SecAuditEngine RelevantOnly
    SecAuditLogRelevantStatus 
^5
    SecAuditLogParts ABIFHZ
    SecAuditLogType Serial
    SecAuditLog 
/var/log/apache2/modsec_audit.log

    
# Maximum request body size we will
    # accept for buffering
    
SecRequestBodyLimit 131072

    
# Store up to 128 KB in memory
    
SecRequestBodyInMemoryLimit 131072

    
# Buffer response bodies of up to
    # 512 KB in length
    
SecResponseBodyLimit 524288

</IfModule>

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled

y ya estamos listos para reiniciar nuestro apache

Code:
/etc/init.d/apache2 restart

y ahora a disfrutar de nuestro apache mucho mas seguro probado y funcionando en debian lenny!!
(This post was last modified: 04-07-2009 06:58 AM by shiizpa.)
04-07-2009 06:54 AM
Find all posts by this user Quote this message in a reply
adivor Offline
Junior Member
*

Posts: 42
Joined: Apr 2009
Reputation: 0
Post: #2
RE: [HowTo] mod-security2 en apache2
xxxxxxxvps:~# apt-get install libapache2-mod-security2 E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem.
adivorvps:~#

why?
(This post was last modified: 07-12-2009 09:42 AM by adivor.)
07-12-2009 09:42 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #3
RE: [HowTo] mod-security2 en apache2
You had errors on a previous apt-get run, so now it needs to perform some cleanup before installing something else. Just follow the instructions...
07-17-2009 07:49 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)