How to Install the Mod Security Apache Module on Ubuntu & Debian

How to Install the ModSecurity Apache Module on Ubuntu 16.04 18.04 20.04 22.04 and Debian

ModSecurity is an open-source web application firewall (WAF) that helps to protect your web applications from various types of attacks. It can be integrated with the Apache and Debian web server as a module to provide additional security for your website. In this tutorial, we will show you how to install the ModSecurity Apache module on an Ubuntu server running Apache.

Prerequisites

Before you begin, you will need the following:

  • An Ubuntu version 16.04, 18.04, 20.04, 22.04 (or Debian) server running Apache
  • Root access to the server

Step 1: Install Required dependencies

To install ModSecurity, you will need to install some dependencies. You can install them by running the following command:

$ sudo apt-get install -y libapache2-mod-security2

Step 2: Enable the Mod Security Apache Module

To enable the ModSecurity Apache module, you will need to run the following command:

$ sudo a2enmod security2

This command will enable the mod_security2 module for Apache.

Step 3: Configure Apache to Use the ModSecurity Apache Module

Once the module is installed, you will need to configure Apache to use it. To do this, you will need to edit the Apache configuration file (usually located at /etc/apache2/mods-enabled/security2.conf).

You can make any changes you want to the module’s configuration in this file.

Step 4: Restart Apache

Finally, you need to restart Apache for the changes to take effect.

$ sudo systemctl restart apache2

Now, the ModSecurity Apache module should be installed and configured on your Ubuntu server. You can check if the module is working by looking at the Apache error log (usually located at /var/log/apache2/error.log) or by running apache2ctl -M command. You can also check the default rules that come with the module in the directory /usr/share/modsecurity-crs/ and configure it to your liking.

LEAVE A COMMENT