Need to migrate your e-mails to a new server? Free and paid versions of our online tool available.
Hero Image

Install ModSecurity WAF on Apache – Gentoo Linux

apache gentoo apache

Install ModSecurity WAF on Apache – Gentoo Linux

Step 1 – Install

emerge --ask www-apache/mod_security
rc-service apache2 restart

Step 2 – Enable detection mode

cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf 2>/dev/null || \
   cp /usr/share/doc/libapache2-mod-security2/examples/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/modsecurity/modsecurity.conf

Step 3 – OWASP Core Rule Set

cd /etc/modsecurity
git clone https://github.com/coreruleset/coreruleset.git crs
cp crs/crs-setup.conf.example crs/crs-setup.conf

Add to Apache config:

IncludeOptional /etc/modsecurity/*.conf
IncludeOptional /etc/modsecurity/crs/crs-setup.conf
IncludeOptional /etc/modsecurity/crs/rules/*.conf

Step 4 – Reload and test

apachectl configtest && systemctl reload apache2 2>/dev/null || apachectl configtest && rcctl reload apache2
curl 'http://localhost/?q=<script>alert(1)</script>'
# Expect 403 Forbidden
Previous Post Next Post