Koozali.org: home of the SME Server
Obsolete Releases => SME 8.x Contribs => Topic started by: newburns on June 13, 2013, 07:57:07 AM
-
I was told that running so many applications on my web server, I would greatly benefit from mod_security. This was during an assessment from a consultant analyzing penetrations and intrusions.
yum --enablerepo=smecontribs --enablerepo=dag --enablerepo=fws --enablerepo=epel install mod_security
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
mod_security x86_64 2.6.8-4.el5 epel 159 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 159 k
Should I proceed. I do not have a test server at the moment, but I'm not really sure what mod_security does to the rest of my server to truly understand if it will break it. Just looking for advice
-
As far as I know, installing it won't configure it, so you are pretty safe, as you will only have some more files on your server.
You will then need to use a template custom to insert a line to load it in you httpd.conf and then configure all the rules you want..... and finally expand templates and reload httpd-e-smith.... and that is only there you might see some trouble if all is not weel set !
-
Should I proceed. I do not have a test server at the moment, ...
You can set up a VM on any modern workstation or laptop. Or you could buy a used computer for < $100.