ModSecurity Web Application Firewall
ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking.
- Install ModSecurity on Debian
- Install Nginx ModSecurity on CentOS 7
- Disable ModSecurity for a specific URL
- Apache 413 Request Entity Too Large
- How to disable a rule in ModSecurity Apache
- cPanel Request body no files data length is larger than the configured limit
To install ModSecurity on Ubuntu/Debian with Apache, run
apt install libapache2-mod-security2 -y
verify Apache module is installed with
apachectl -M | grep security
Enable config file
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
Update config
sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf
Restart Apache
systemctl restart apache2