Ubuntu 12.04 Precise LTS: Install ModSecurity for Apache 2 web server

Install ModSecurity:   

sudo apt-get install libxml2 libxml2-dev libxml2-utils libaprutil1 libaprutil1-dev libapache-mod-security

If your Ubuntu is 64bit, you need to fix a bug:   

sudo ln -s /usr/lib/x86_64-linux-gnu/libxml2 .so.2 /usr/lib/libxml2 .so.2

Configure ModSecurity:   

sudo mv /etc/modsecurity/modsecurity .conf-recommended /etc/modsecurity/modsecurity .conf; sudo vi /etc/modsecurity/modsecurity .conf

Enable the rule engine:   

SecRuleEngine On

Increase the request body size limit to 10Mb(Optional, only if your site accepts uploads):   

SecRequestBodyLimit 10000000
SecRequestBodyInMemoryLimit 10000000

Check the ModSecurity version:   

dpkg -s libapache-mod-security | grep Version

The installed ModSecurity version is:   

Version: 2.6.3-1ubuntu0.2

Install OWASP ModSecurity Core Rule Set:   

1. Download the rule set(version 2.2.5 because the latest version requires ModSecurity 2.7.0+):       

   wget https: //github .com /SpiderLabs/owasp-modsecurity-crs/tarball/v2 .2.5 -O /tmp/owasp . tar .gz

2. Extract the package:       

   cd /tmp ; tar -zxvf owasp. tar .gz; rm owasp. tar .gz

3. Copy the directory to /etc/modsecurity, and set the permissions:       

   sudo mv SpiderLabs-owasp-modsecurity-crs-5c28b52/ /etc/modsecurity/owasp-crs
   sudo chmod -R 644 /etc/modsecurity/owasp-crs

4. Link the rules to /etc/modsecruity/owasp-crs/activated_rules directory:       

   sudo mv /etc/modsecurity/owasp-crs/modsecurity_crs_10_setup .conf.example /etc/modsecurity/owasp-crs/modsecurity_crs_10_setup .conf
   cd /etc/modsecurity/owasp-crs/activated_rules/
   sudo ln -s .. /modsecurity_crs_10_setup .conf
   for f in $( ls .. /base_rules/ ); do sudo ln -s .. /base_rules/ $f; done
   for f in $( ls .. /optional_rules/ ); do sudo ln -s .. /optional_rules/ $f; done

5. Modify /etc/apache2/mods-available/mod-security.conf to include the rules:       

   sudo vi /etc/apache2/mods-available/mod-security .conf

   Add the following line:       

   Include "/etc/modsecurity/owasp-crs/activated_rules/*.conf"

6. Enable headers module:       

   sudo a2enmod headers

   This to fix the following error:

   Syntax error on line 29 of /etc/apache2/conf.d/modsecurity/optional_rules/modsecurity_crs_49_header_tagging.conf:
   Invalid command 'RequestHeader', perhaps misspelled or defined by a module not included in the server configuration
   Action 'configtest' failed.
   The Apache error log may have more information.
      ...fail!

   when restarting apache2.     

Enable ModSecurity module and restart apache2:   

sudo a2enmod mod-security; sudo /etc/init .d /apache2 restart