How to Install ModSecurity on CentOS 7 and Configure OWASP CRS for Enhanced Web Security
Securing your web server is crucial in today’s digital environment, especially when dealing with sensitive data. One of the most effective ways to bolster your Apache web server security is by installing ModSecurity, a powerful web application firewall (WAF), along with the OWASP CRS (Core Rule Set) for advanced protection. This guide will walk you through the steps to install ModSecurity on CentOS 7, including integrating OWASP CRS for added defense.
Prerequisites for Installing ModSecurity on CentOS 7
Before you begin, ensure that your CentOS 7 server is up to date. Log in as the “root” user and update the system with the following command:
# yum -y update
Next, you need to install the necessary dependencies. ModSecurity 2.x works only with Apache 2.0.x or higher, so install Apache and other essential libraries using this command:
# yum install gcc make httpd-devel libxml2 pcre-devel libxml2-devel curl-devel git
Step 1: Installing ModSecurity on CentOS 7
Now, let’s begin by installing ModSecurity. Start by navigating to the /opt/ directory:
# cd /opt/
Then, download the ModSecurity source code package:
# wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz
After downloading, extract the tarball and navigate into the extracted directory:
# tar xzfv modsecurity-2.9.1.tar.gz
# cd modsecurity-2.9.1
Once inside the directory, configure, compile, and install ModSecurity by running the following commands:
# ./configure
# make install
Step 2: Configuring ModSecurity
With ModSecurity installed, you need to configure it for optimal performance. Start by copying the recommended configuration files to the appropriate directory:
# cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf
# cp unicode.mapping /etc/httpd/conf.d/
Next, open the Apache configuration file (/etc/httpd/conf/httpd.conf) and add the following lines to load the necessary ModSecurity modules:
# cat /etc/httpd/conf/httpd.conf
LoadModule security2_module modules/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
Finally, restart Apache to apply the changes:
# systemctl restart httpd.service
# systemctl status httpd.service
# systemctl enable httpd.service
Step 3: Installing and Configuring OWASP CRS
OWASP CRS is a set of security rules designed to work with ModSecurity, providing additional protection against common web vulnerabilities. To install it, navigate to the /etc/httpd/ directory and clone the OWASP CRS repository:
# cd /etc/httpd
# git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
# mv owasp-modsecurity-crs modsecurity-crs
# cd modsecurity-crs
# cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf
Again, open the Apache configuration file (/etc/httpd/conf/httpd.conf) and add the following lines to load the CRS configuration:
# cat /etc/httpd/conf/httpd.conf
LoadModule security2_module modules/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
Once this is done, restart Apache again to activate the OWASP CRS:
# systemctl restart httpd.service
Step 4: Why Use ModSecurity and OWASP CRS?
By following the above steps, your CentOS 7 Apache server will be better protected against various types of web threats. Here are a few key advantages:
- Real-time Blacklist Lookups: ModSecurity utilizes third-party IP reputation services to block known malicious IPs.
- Web-based Malware Detection: It can detect malicious web content by checking against the Google Safe Browsing API.
- Identification of Application Defects: It alerts you to potential application misconfigurations that could compromise your server’s security.
- HTTP Denial of Service (DoS) Protection: Protects your server from attacks like HTTP Flooding and Slow HTTP DoS attacks.
These features make ModSecurity and OWASP CRS an essential toolset for any server running Apache.
Enhance Your Server Security with ZippyOPS
While ModSecurity and OWASP CRS provide great protection, integrating comprehensive security solutions such as DevOps, DevSecOps, and Cloud Security can further enhance your infrastructure. At ZippyOPS, we offer expert consulting, implementation, and managed services to optimize your web security, including AIOps, MLOps, and Infrastructure Management.
If you’re looking to strengthen your server security or integrate advanced security practices, ZippyOPS can guide you through every step. From automated operations to microservices, we can tailor solutions to your needs. Learn more about our services and solutions here and explore our products here.
For more insights, check out our YouTube channel for tutorials and tips on optimizing your security framework.
For consulting or inquiries, contact us at sales@zippyops.com.
Conclusion for install ModSecurity and configure
By following the steps outlined in this guide, you can effectively install and configure ModSecurity and OWASP CRS on your CentOS 7 server, ensuring a high level of security. Keep in mind that integrating automated operations, cloud security, and advanced monitoring with solutions like those offered by ZippyOPS can further strengthen your server infrastructure and protect against emerging threats.
