If you’re the proud owner of a dedicated server running CentOS (Seems like most people are favoring the Linux distro these days!) then you owe it to yourself to install a simple utility called ModSecurity. The service is an application firewall that prevents your server from weakness open to exploit in various web applications. It’s not a fool-proof method of tightening your server, but it’s certainly better than nothing—in our eyes, a lot better than nothing.
Thankfully, it’s not hard to install, either. You will need to have a basic understanding of the terminal, as well as how to add repositories to YUM, though. If you’re fuzzy about either of these aspects, we strongly suggest you perform a quick Google search to educate yourself. They’re basic functions that you’ll need to learn eventually, and knowing how to do each well will benefit you greatly during this tutorial.
If you have both fronts covered, then you’re officially ready to march on, Soldier!
1. Add the Repo: You’ll first need to add the actual ModSecurity repository, as it’s not a stock part of YUM. To do so, type the following into terminal:
cd /etc/yum.repos.d
You’ll then need to create a file called utterramblings.repo
touch utterramblings.repo
Edit the file with “vi” or “nano,” then insert the following bits into the text:
[utterramblings]
name=Jason’s Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
2. Install: To finish the process off, just type the following and hope for the best!
yum install mod_security
That’s all there is to it! Now your server is slightly safer, and none the worse for the wear! This should be a painless procedure, but if anything should go wrong, you can always check the ModSecurity website for further information or the occasionally helpful bit of tech support.
Likewise, if you’d rather not have that extra YUM repository sitting about, you’re free to delete it once installed. However, doing so prevents you from easily obtaining any new updates without first adding the resource back. If that doesn’t sound like a problem, then power on, Pilgrim. Otherwise, we’d suggest you leave the file where it is and let it soak. If you’re fuzzy about how to add and edit repositories to CentOS, you can always look at this guide to get a quick reference point.
3 Comments
Most of the time, the issues could be very personal. Thus, it would be hard to create such a troubleshooting guide.
Is there a version for CentOS 6?
Tried the steps mention above and they did not work on CentOS 6.
The challenge is not the installation of modsecurity but the configuration and troubleshooting when something stops working. It would have been nice if you had added a howto get started without shooting yourself in your foot guide.