1

After spending ~24 hours trying and failing to setup mod_security in Ubuntu 10.04 LTS, I've finally decided that I'm going to need some help. I've tried pretty much every tutorial I can find with a variety of rule sets - and I never seem to get the most recent version and if I finally get any build working (which is rare) then I just encounter a 400 errors on every page I try to access.

I've just removed all of my mod_security install stuff, and have decided I'll try again from some community instructions (since all documentation seems way behind). Could anyone help or offer me instructions to setup mod_security with a decent rule set?

1 Answers1

2

This is done by sudo apt-get install libapache-mod-security. Done.

mailq
  • 16,882
  • 2
  • 36
  • 66
  • I tried this - but it seems to install a reasonably old version and I'm not sure which rules to use with it (plus - when I get it working, I get 400 errors everywhere) –  Sep 09 '11 at 21:37
  • 1) You installed LTS, so it is old by design (for security!) 2) Use the rules you **need**. How should we know what you need? 3) You didn't show any 400 error to debug ---> New question with more info, please. – mailq Sep 10 '11 at 07:31
  • I'd much prefer to just download a general ruleset with all of the common security exploits fixed up though - which ruleset should I use for this to work with the version of mod-security that is in the Ubuntu 10.04 apt-get repo. As for 400 error - I'll make sure that I post another question with that if I run into the error after downloading the ruleset you recommend. –  Sep 10 '11 at 11:18
  • I will **never** recommend any ruleset. I don't trust rulesets from any source I haven't personally reviewed. In the end you blame me recommending a ruleset not suitable for your needs or even worse one that stops legitimate users from visiting your site. – mailq Sep 10 '11 at 15:54