1. 安装
$ su
$ yum install mod_security mod_evasive
$ ls -l /etc/httpd/conf.d
# 编译与安装 ModSecurity
$ cd /usr/local/src
$ wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz
$ tar zxvf modsecurity-2.9.1.tar.gz
$ cd modsecurity-2.9.1
$ ./autogen.sh
$ ./configure --enable-standalone-module --disable-mlogc
$ make
$ cd /usr/local/src/modsecurity-2.9.1
$ cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf
$ cp unicode.mapping /etc/httpd/conf.d/unicode.mapping
# 下载 OWASP ModSecurity Core Rule Set (CRS)
$ cd /etc/httpd
$ git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
$ cd owasp-modsecurity-crs
$ cp crs-setup.conf.example crs-setup.conf
2. 设置
2.1) 编辑 mod_evasive.conf
$ gedit /etc/httpd/conf.d/mod_evasive.conf
LoadModule evasive20_module modules/mod_evasive24.so
2.2) 编辑 mod_security.conf
$ gedit /etc/httpd/conf.d/mod_security.conf
LoadModule security2_module modules/mod_security2.so
2.3) 编辑 httpd.conf
$ gedit /etc/httpd/conf/httpd.conf
<IfModule security2_module>
Include owasp-modsecurity-crs/crs-setup.conf
Include owasp-modsecurity-crs/rules/*.conf
</IfModule>
2.4) 创建 tecmint.conf
$ gedit /etc/httpd/modsecurity.d/tecmint.conf
<IfModule mod_security2.c>
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess On
SecResponseBodyMimeType text/plain text/html text/xml application/octet-stream
SecDataDir /tmp
</IfModule>
2.5) 编辑 mod_evasive.conf
$ gedit /etc/httpd/conf.d/mod_evasive.conf
<IfModule mod_evasive24.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>
3. 重启
$ systemctl restart httpd
$ httpd -M | grep -Ei '(evasive|security)'
没有评论:
发表评论