Obsolete Releases > SME 8.x Contribs

mod_security for Apache

(1/1)

newburns:
I was told that running so many applications on my web server, I would greatly benefit from mod_security. This was during an assessment from a consultant analyzing penetrations and intrusions.


--- Code: ---yum --enablerepo=smecontribs --enablerepo=dag --enablerepo=fws --enablerepo=epel install mod_security

--- End code ---


--- Code: ---================================================================================
 Package               Arch            Version              Repository     Size
================================================================================
Installing:
 mod_security          x86_64          2.6.8-4.el5          epel          159 k

Transaction Summary
================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 159 k

--- End code ---

Should I proceed. I do not have a test server at the moment, but I'm not really sure what mod_security does to the rest of my server to truly understand if it will break it. Just looking for advice

Jean-Philippe Pialasse:
As far as I know, installing it won't configure it, so you are pretty safe, as you will only have some more files on your server.

You will then need to use a template custom to insert a line to load it in you httpd.conf and then configure all the rules you want..... and finally expand templates and reload httpd-e-smith.... and that is only there you might see some trouble if all is not weel set !

CharlieBrady:

--- Quote from: newburns on June 13, 2013, 07:57:07 AM ---Should I proceed. I do not have a test server at the moment, ...

--- End quote ---

You can set up a VM on any modern workstation or laptop. Or you could buy a used computer for < $100.

Navigation

[0] Message Index