Lines 1-11
Link Here
|
1 |
Configuring ModSecurity on FreeBSD |
1 |
Configuring ModSecurity on FreeBSD |
2 |
---------------------------------- |
2 |
---------------------------------- |
3 |
|
3 |
|
4 |
To enable ModSecurity in Apache, add the following to your httpd.conf: |
4 |
To enable ModSecurity in Apache, follow the instructions in |
5 |
|
5 |
|
6 |
LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so |
6 |
%%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% |
7 |
Include etc/modsecurity/*.conf |
|
|
8 |
|
7 |
|
|
|
8 |
ModSecurity has various configuration options. |
9 |
To change them, edit the following file: |
10 |
|
11 |
%%ETCDIR%%/modsecurity.conf |
12 |
|
9 |
Getting the Core Rule Set |
13 |
Getting the Core Rule Set |
10 |
------------------------- |
14 |
------------------------- |
11 |
|
15 |
|
Lines 16-26
Link Here
|
16 |
under it. |
20 |
under it. |
17 |
|
21 |
|
18 |
pkg install git |
22 |
pkg install git |
19 |
cd /usr/local/etc/modsecurity |
23 |
cd %%ETCDIR%% |
20 |
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs |
24 |
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs |
21 |
cp owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example \ |
25 |
cp owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example \ |
22 |
crs.conf |
26 |
crs.conf |
23 |
|
27 |
|
|
|
28 |
The CRS has various config options. To change them, edit crs.conf. |
29 |
|
24 |
To activate the CRS base rules, add the following to your httpd.conf: |
30 |
To activate the CRS base rules, add the following to your httpd.conf: |
25 |
|
31 |
|
26 |
Include etc/modsecurity/owasp-modsecurity-crs/base_rules/*.conf |
32 |
Include etc/modsecurity/owasp-modsecurity-crs/base_rules/*.conf |
Lines 78-83
Link Here
|
78 |
You probably want to keep the CRS updated from time to time. You can |
84 |
You probably want to keep the CRS updated from time to time. You can |
79 |
do this with Git: |
85 |
do this with Git: |
80 |
|
86 |
|
81 |
cd /usr/local/etc/modsecurity/owasp-modsecurity-crs |
87 |
cd %%ETCDIR%%/owasp-modsecurity-crs |
82 |
git pull |
88 |
git pull |
83 |
apachectl restart |
89 |
apachectl restart |