ModSecurity Web Application Firewall
ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking.
- Install ModSecurity on Debian
- Install Nginx ModSecurity on CentOS 7
- Disable ModSecurity for a specific URL
- Apache 413 Request Entity Too Large
- How to disable a rule in ModSecurity Apache
- cPanel Request body no files data length is larger than the configured limit
To install ModSecurity on Ubuntu/Debian with Apache, run
1 |
apt install libapache2-mod-security2 -y |
verify Apache module is installed with
1 |
apachectl -M | grep security |
Enable config file
1 |
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf |
Update config
1 2 |
sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf |
Restart Apache
1 |
systemctl restart apache2 |