CentOS 6 apache 2.4 modsecurity 2.9 compile install
어플리케이션 계정 생성
# useradd -d /app app
# passwd app
Changing password for user app.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
|
의존 패키지 설치
# yum install gcc gcc-c++ make perl zip unzip wget git zlib-devel libxml2 libxml2-devel ncurses ncurses-devel expat expat-devel
|
소스파일 다운로드
# mkdir /app/src/
# cd /app/src
# wget https:
# wget https:
# wget https:
# wget https:
# wget https:
# wget https:
|
압축해제
# tar zxvf apr- 1.5 . 2 .tar.gz
# tar zxvf apr-util- 1.5 . 4 .tar.gz
# tar zxvf httpd- 2.4 . 25 .tar.gz
# tar zxvf openssl- 1.0 .2j.tar.gz
# tar zxvf pcre- 8.39 .tar.gz
# tar zxvf modsecurity- 2.9 . 1 .tar.gz
|
파일 소유자 변경
pcre 8.39 설치
# cd /app/src/pcre- 8.39
# ./configure
# make && make install
|
openssl 1.0.2j 설치
# cd /app/src/openssl- 1.0 .2j
# ./config --prefix=/usr/local/openssl- 1.0 .2j -fPIC enable-tlsext
# make && make install
# mv /usr/bin/openssl /usr/bin/openssl.bak
# ln -s /usr/local/openssl- 1.0 .2j/bin/openssl /usr/bin/openssl
# openssl version
OpenSSL 1.0 .2j 26 Sep 2016
|
Apache 2.4.25 설치
# su - app
$ mkdir -p /app/server
$ mkdir -p /app/dev
$ cd /app/src/
$ cp -R apr- 1.5 . 2 httpd- 2.4 . 25 /srclib/apr
$ cp -R apr-util- 1.5 . 4 httpd- 2.4 . 25 /srclib/apr-util
$ cd httpd- 2.4 . 25
$ ./configure --prefix=/app/server/httpd- 2.4 . 25 --with-ssl=/usr/local/openssl- 1.0 .2j --with-included-apr
$ make && make install
|
ModSecurity 설치
$ cd /app/src/modsecurity- 2.9 . 1
$ ./configure --prefix=/app/dev/modsecurity- 2.9 . 1 --with-apxs=/app/server/httpd- 2.4 . 25 /bin/apxs --with-apr=/app/server/httpd- 2.4 . 25 /bin/apr- 1 -config --with-apu=/app/server/httpd- 2.4 . 25 /bin/apu- 1 -config
$ make && make install
$ cp modsecurity.conf-recommended /app/server/httpd- 2.4 . 25 /conf/modsecurity.conf
$ cp unicode.mapping /app/server/httpd- 2.4 . 25 /conf/
$ chmod 755 /app/server/httpd- 2.4 . 25 /modules/mod_security2.so
$ cd /app/server/httpd- 2.4 . 25 /
$ git clone https:
$ mv owasp-modsecurity-crs/ modsecurity-crs
$ cd modsecurity-crs
$ cp crs-setup.conf.example crs-setup.conf
|
Apache 설정 파일 수정
$ vi /app/server/httpd- 2.4 . 25 /conf/httpd.conf
LoadModule security2_module modules/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
# ModSecurity configuration
<IfModule security2_module>
Include conf/modsecurity.conf
Include modsecurity-crs/crs-setup.conf
Include modsecurity-crs/rules/*.conf
</IfModule>
|
Apache 기동
# /app/server/httpd- 2.4 . 25 /bin/apachectl start
|
원문
https://www.rndit.net/confluence/display/DEV/CentOS+6+apache+2.4+modsecurity+2.9+compile+install
댓글