Installing mod_security for Apache 2.4

apache-2.4centos6mod-security

I am trying to install mod_security on a server running Apache 2.4 – if I try and use:

yum install mod_security

it tells me Apache 2.2.15 is a dependency and won't install without this.

I then tried downloading mod_security and compiling it which eventually works but only after requiring httpd-devel due to a dependancy for APXS.

Due to needing to install httpd-devel, mod_security then gets installed for 2.2.15 and the modules do not appear to work with 2.4 – when I try to restart httpd I get an error:

Starting httpd: httpd: Syntax error on line 57 of /opt/httpd/conf/httpd.conf: Cannot load modules/mod_security2.so into server: /opt/httpd/modules/mod_security2.so: undefined symbol: ap_log_error

modules/mod_security2.so was copied manually from /etc/httpd/modules (Apache 2.2.15 directory).

Is there a specific install process for Apache 2.4 which does not require mixing things up by needing to install bits of 2.2?

Best Answer

It's likely you still have Apache 2.2 installed and when you configured ModSecurity it built it for 2.2.

Here's the steps I use to install ModSecurity from source based on Apache installed in /usr/local/apache2:

#Download ModSecurity
wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz
wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz.sha256

#Config checksum of download
sha256sum -c modsecurity-2.9.1.tar.gz.sha256

#Install ModSecurity:
tar -xvf modsecurity-2.9.1.tar.gz
cd modsecurity-2.9.1
./configure --with-apxs=/usr/local/apache2/bin/apxs
make
sudo make install
cp /usr/local/modsecurity/lib/mod_security2.so /usr/local/apache2/modules

Then configure it in Apache config.

Hope that helps.

Related Topic