Platform: Ubuntu 16.04.3 LTS
1. Apache源码安装
1.1 安装包
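# Fetch the source tarballs used in the rest of these notes.
# archive.apache.org is reachable over HTTPS, so those two downloads use it.
# NOTE(review): the two mirror URLs below are still plain HTTP as in the original notes;
# a tampered tarball would be compiled and installed as root. Before unpacking, check every
# archive against the checksum or PGP signature published by the upstream project.
# NOTE(review): these versions are pinned by the notes and are old; check upstream
# security advisories and current releases before deploying.
wget https://archive.apache.org/dist/apr/apr-1.4.5.tar.gz
wget https://archive.apache.org/dist/apr/apr-util-1.3.12.tar.gz
wget http://jaist.dl.sourceforge.net/project/pcre/pcre/8.10/pcre-8.10.zip
wget http://mirrors.tuna.tsinghua.edu.cn/apache//httpd/httpd-2.4.29.tar.gz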
1.2 解压缩
.tar.gz -- tar -zvxf
.zip -- unzip -o
1.3 apr/apr-util/pcre安装
# Three separate builds; each configure/make pair is run from inside the
# corresponding unpacked source directory (apr, then apr-util, then pcre).
# APR first: apr-util's configure below points at this install prefix.
./configure --prefix=/usr/local/apr
make && make install
# APR-util, built against the APR installed above.
./configure --prefix=/usr/local/apr-util \
--with-apr=/usr/local/apr/
make && make install
# PCRE into its own prefix; httpd and ModSecurity are both pointed at it later.
./configure --prefix=/usr/local/pcre
make && make install
1.4 apache安装
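# Run inside the unpacked httpd source directory.
# Builds httpd against the APR, APR-util and PCRE trees installed under /usr/local above,
# with DSO support (--enable-so) so mod_security2 can be loaded later.
# Fixed from the original notes: 'defate' -> 'deflate', 'expires-shared' -> 'expires=shared',
# and the trailing backslash after --with-z is gone (it handed 'make' to configure as an argument).
# NOTE(review): --with-include-apr is kept as written; the option httpd's configure documents
# is --with-included-apr, and --with-apr is already given, so confirm it is needed at all.
./configure --prefix=/usr/local/httpd/ \
--sysconfdir=/etc/httpd/ \
--with-include-apr \
--disable-userdir \
--enable-so \
--enable-deflate=shared \
--enable-expires=shared \
--enable-rewrite=shared \
--enable-static-support \
--with-apr=/usr/local/apr/ \
--with-apr-util=/usr/local/apr-util/bin \
--with-pcre=/usr/local/pcre/ \
--with-ssl \
--with-z
make && make install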
1.5 启动
# Install apachectl as the init script, then start httpd through it.
# NOTE(review): the copy runs as root and becomes a root-executed init script; keep it
# root-owned and not writable by other users.
cp /usr/local/httpd/bin/apachectl /etc/init.d/httpd
/etc/init.d/httpd start
1.6 Apache代理配置
# Load the proxy modules (mod_proxy core plus its HTTP scheme handler)
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
# Reverse-proxy configuration: every path under / on port 80 is forwarded to 172.16.77.67:8081
# NOTE(review): a reverse proxy only needs ProxyPass; keep ProxyRequests Off (the default)
# so this host cannot be used as an open forward proxy.
# NOTE(review): both the listener and the backend hop are plain HTTP — presumably a lab or
# trusted internal segment; confirm before exposing it.
<VirtualHost *:80>
ServerName 172.16.77.66
ProxyPass / http://172.16.77.67:8081/
# Rewrites backend URLs in redirect response headers so clients keep talking to the proxy
ProxyPassReverse / http://172.16.77.67:8081/
</VirtualHost>
2. Mod_security安装
2.1 安装包（下载后先核对发布方提供的校验和或签名，再解压编译）
https://www.modsecurity.org/tarball/2.9.2/modsecurity-2.9.2.tar.gz
2.2 依赖
APR:Apache Portable Runtime (Apache Portable Runtime Project, retrieved 29 December 2016)
APU:APR-Util (Apache Portable Runtime Project, retrieved 29 December 2016)
libcurl (libcurl, retrieved 29 December 2016)
libxml2 (xmlsoft.org, retrieved 29 December 2016)
Lua 5.2 (Lua.org, retrieved 29 December 2016)
PCRE:Perl Compatible Regular Expressions (PCRE, retrieved 29 December 2016)
ssdeep (SourceForge, retrieved 29 December 2016)
YAJL (GitHub, retrieved 29 December 2016)
2.3 安装依赖
# Development packages for the optional ModSecurity features: libcurl, libxml2,
# ssdeep fuzzy hashing (libfuzzy-dev) and YAJL JSON parsing.
# NOTE(review): section 2.2 also lists Lua 5.2, but no Lua package is installed here, so
# Lua support is presumably not built — confirm if Lua rules are needed.
apt-get install libcurl3-dev libxml2-dev libfuzzy-dev libyajl-dev
2.4 安装modsecurity
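# Run inside the unpacked modsecurity-2.9.2 source directory.
# apxs comes from the httpd built above, and APR/APU/PCRE point at the same /usr/local
# trees httpd was linked against, so the module and the server share one PCRE build.
# Fixed from the original notes: no trailing backslash after --with-pcre (it handed
# 'make' to configure as an argument instead of running it as the next command).
./configure --with-apxs=/usr/local/httpd/bin/apxs \
--with-apr=/usr/local/apr/ \
--with-apu=/usr/local/apr-util/bin \
--with-pcre=/usr/local/pcre/
make && make install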
2.5 确认Apache已添加Mod_security模块
root@66:/usr/local/httpd/modules# ll
......
-r--r--r-- 1 root root 2614880 Dec 5 03:46 mod_security2.so
......
2.6 确认Apache和Mod_security指向同一个PCRE库（两者链接的PCRE不一致时，Mod_security启动会记录版本不匹配的告警，规则的正则匹配结果也可能与预期不符）
root@66:/usr/local# ldd httpd/bin/httpd | grep pcre
libpcre.so.1 => /usr/local/pcre/lib/libpcre.so.1 (0x00007f8807a94000)
root@66:/usr/local# ldd httpd/modules/mod_security2.so | grep pcre
libpcre.so.1 => /usr/local/pcre/lib/libpcre.so.1 (0x00007f32aa0e2000)
2.7 为Mod_security添加权限（模块文件应保持root属主，且不能被组用户或其他用户写入）
root@66:/usr/local/httpd/modules# chmod +wx mod_security2.so
root@66:/usr/local/httpd/modules# ll
......
-rwxr-xr-x 1 root root 2614880 Dec 5 03:46 mod_security2.so*
......
2.8 在Apache上加载Mod_security模块
# Load the ModSecurity module; mod_unique_id is loaded first because ModSecurity 2.x requires it
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
# ModSecurity configuration, applied only when the module actually loaded
# NOTE(review): security_main.conf is not shown in these notes; confirm it sets
# SecRuleEngine On (DetectionOnly logs but does not block) and includes the CRS rule files.
<IfModule security2_module>
Include /etc/httpd/extra/security_main.conf
</IfModule>
- OWASP Mod_security Core Rule Set
owasp-modsecurity-crs