Install ModSecurity WAF on Apache – RHEL 9

ModSecurity is an open-source Web Application Firewall (WAF) for Apache.

Step 1 – Install ModSecurity

dnf install -y mod_security
systemctl restart httpd

Step 2 – Configure ModSecurity

Copy the recommended baseline configuration:

cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf 2>/dev/null || \
cp /usr/share/doc/libapache2-mod-security2/examples/modsecurity.conf-recommended \
   /etc/modsecurity/modsecurity.conf 2>/dev/null

Set the rule engine to On so that matching requests are blocked rather than only logged:

sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/modsecurity/modsecurity.conf

Step 3 – Install OWASP Core Rule Set (CRS)

cd /etc/modsecurity
git clone https://github.com/coreruleset/coreruleset.git crs
cp crs/crs-setup.conf.example crs/crs-setup.conf

Add these lines to the Apache configuration:

IncludeOptional /etc/modsecurity/*.conf
IncludeOptional /etc/modsecurity/crs/crs-setup.conf
IncludeOptional /etc/modsecurity/crs/rules/*.conf

Step 4 – Test and reload Apache

# Reload only if the configuration parses cleanly (the service is httpd on RHEL 9)
apachectl configtest && systemctl reload httpd

Step 5 – Test WAF is active

# -i prints the response status line and headers
curl -i 'http://localhost/?q=<script>alert(1)</script>'
# Should receive 403 Forbidden