Well, I've been searching a way to easily install modsec to my Hardy. A lot of tutorials on the net is written based on manual compile the module. Well, after searching for about two hours or more, I manage to find an easy way to install modsec(Mod-Security) for apache2.
As usual, Ubuntu system is a debian based distribution. So this tutorial is taken based on Debian Sid's tutorial. Before I begin, here is a rough introduction of what is a 'modsec':
ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making their systems secure. WAFs are deployed to establish an increased external security layer to detect and/or prevent attacks before they reach web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure.I hope you will understand the consequences of installing modsec to your ubuntu webserver. If anything goes wrong, it will affect your webserver operation. Follow the instructions carefully and for safety, please do it experimentally before proceed to a production server.
Taken from ModSecurity Website
We start by gaining root access:
su -sEnter your root password when being asked by the console. After gaining your root level, now we need to edit your sources.list:
nano /etc/apt/sources.listAdd at the end of the file in a new line:
Save and exit the sources.list. After exiting the text editor, you need to update your apt. Please do:deb http://etc.inittab.org/~agi/debian/libapache-mod-security2/2.5.x ./
apt-get updateIf nothing goes wrong, and everything is in place, your apt-get update will not return any errors. Soon after update finish, you may install your modsec by doing 'apt-cache modsec' and 'apt-get install [return value from apt-cache]'. It's simple isnt it?
So happy hardening your server. If there is any problem with this tutorial, please leave a comment. Thank you