{"id":1567,"date":"2026-01-01T21:31:43","date_gmt":"2026-01-01T21:31:43","guid":{"rendered":"https:\/\/b2bhostingclub.com\/blog\/?p=1567"},"modified":"2026-02-04T14:14:37","modified_gmt":"2026-02-04T14:14:37","slug":"how-to-install-the-modsecurity-apache-module","status":"publish","type":"post","link":"https:\/\/b2bhostingclub.com\/blog\/how-to-install-the-modsecurity-apache-module\/","title":{"rendered":"How to Install the ModSecurity Apache Module"},"content":{"rendered":"<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<h2 id=\"what-is-modsecurity\" class=\"col col-md-12 d-h2 d-color-black d-h2 core-title\">What is ModSecurity?<\/h2>\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">ModSecurity is an open-source web application firewall (WAF) module for the Apache HTTP Server (Apache) and other web servers. It provides an additional layer of security by monitoring and filtering HTTP traffic between a client and a web application. The ModSecurity module is designed to protect web applications from various types of attacks, including but not limited to:<br \/>\n<b>Cross-Site Scripting (XSS) attacks:<\/b>ModSecurity can inspect and filter HTTP requests and responses for malicious scripts or code that could be injected into web pages to exploit vulnerabilities.<br \/>\n<b>SQL Injection attacks:<\/b>ModSecurity can detect and block attempts to execute unauthorized SQL queries by analyzing and validating the contents of HTTP requests.<br \/>\n<b>Remote File Inclusion (RFI) attacks:<\/b>ModSecurity can prevent attackers from including remote files into web applications, which could lead to the execution of malicious code.<br \/>\n<b>Local File Inclusion (LFI) attacks:<\/b>ModSecurity can detect and block attempts to include local files through web application vulnerabilities, which could expose sensitive system files.<br \/>\n<b>Cross-Site Request Forgery (CSRF) attacks:<\/b>ModSecurity can enforce security measures to ensure that requests made to a web application are legitimate and originated from authorized sources.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">ModSecurity uses a rule-based engine to analyze and evaluate HTTP requests and responses based on predefined rulesets. These rulesets define patterns and conditions that trigger specific actions, such as blocking, logging, or modifying requests. ModSecurity supports custom rule creation, allowing administrators to tailor the security policies to their specific needs. In this blog, you will learn how to install the ModSecurity Apache module.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-title pt-10 pb-0\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-left d-text-left d-title-inner\">\n<h2 id=\"how-to-install-modsecurity-apache-module\" class=\"col col-md-10 d-h2 d-color-black  core-title\">How to Install ModSecurity Apache Module<\/h2>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<h3 class=\"col col-md-12 d-h3 d-color-black d-fs-20 d-fw-600 d-lineheight-24 core-title\">Step 1. Install ModSecurity<\/h3>\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Open a terminal or SSH into your Ubuntu 20.04 server and using the following command the switch to the root user so you have the permission for later operations. Then, input password as prompted.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ sudo -i<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/951de9e15bb34ad2bd9ffadf44ad11c6\/sudo-i.png\" alt=\"Switch to root user using sudo -i\" width=\"800\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Next, update the package repositories to ensure you have the latest package information.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ apt update -y<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/1d0fc8bd259d4f568ca61d6f491c12a6\/apt-update-y.png\" alt=\"update the package repositories\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Download and install the ModSecurity Apache module using the following command and type y and enter.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ apt install libapache2-mod-security2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/ad0757f0e98945a394d48cc2d3e0e898\/apt-install.png\" alt=\"update the package repositories\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Restart the Apache service<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ systemctl restart apache2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/1b59d1e5d2224ef49c5b36571749b049\/restart-apache2.png\" alt=\"Restart the Apache service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Ensure the installed software version is at least 2.9<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ apt-cache show libapache2-mod-security2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/daa152cd6a724eceb75624e828561222\/apt-cache-show.png\" alt=\"Ensure the installed software version is at least 2.9\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<h3 class=\"col col-md-12 d-h3 d-color-black d-fs-20 d-fw-600 d-lineheight-24 core-title\">Step 2. Configure ModSecurity<\/h3>\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Copy the default ModSecurity configuration file to a new file. Then edit the file with your preferred editor. In this case, we use the nano editor.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ cp \/etc\/modsecurity\/modsecurity.conf-recommended \/etc\/modsecurity\/modsecurity.conf\r\n$ nano \/etc\/modsecurity\/modsecurity.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/cb61e6c3aa8f46bebc9330d6fa96c881\/copy-config-nano-config.png\" alt=\"Copy the default ModSecurity configuration file to a new file\" width=\"800\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Change the value of SecRuleEngine from\u00a0<b>DetectionOnly<\/b>\u00a0to\u00a0<b>On<\/b>.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/d6fcd2cdf3da487a831573acd1259c08\/SecRuleEngine-on.png\" alt=\"Change the value of SecRuleEngine\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Then, save the changes by pressing Ctrl + X, followed by y and enter. Next restart Apache service.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ systemctl restart apache2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/79af043d189f4d6da7499ae67efaa1fb\/restart-apache2.png\" alt=\"Restart Apache Service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\"><b>Download OWASP Core Rule Set<\/b><\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">The OWASP Core Rule Set (CRS) is a set of rules designed to enhance the security of web applications by providing protection against various types of attacks.The OWASP CRS is an open-source project driven by the community. It is continuously updated and maintained by a team of security professionals and volunteers, ensuring that it stays up-to-date with emerging threats and vulnerabilities. By downloading the CRS, you can benefit from the collective knowledge and expertise of the security community.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Remember to regularly update the CRS ruleset to benefit from the latest security enhancements and improvements. To ensure you have the latest ModSecurity rules, you can download the latest ModSecurity Core Rule Set (CRS) from Open Web Application Security Project (OWASP) at\u00a0<a class=\"d-color-primary\" href=\"https:\/\/www.coreruleset.org\/\" target=\"_blank\" rel=\"noopener\">CoreRuleSet.org<\/a>\u00a0and replace the GitHub URL as needed.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ wget https:\/\/github.com\/coreruleset\/coreruleset\/archive\/v3.3.0.zip<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/d1e3acc25a244af2a25f35589ca4fcc3\/wget-core-rules.png\" alt=\"download the latest ModSecurity Core Rule Set (CRS)\" width=\"800\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Verify the checksum of your downloaded file against the provided message digest, replacing &#8220;vFileName&#8221; with the actual file name (e.g. v3.3.0.zip).<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ sha1sum FileName.zip &amp;&amp; echo ProvidedChecksum<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/ec135e18ea1045ef9d1d47feaac30bba\/sha1sum-vfilename.png\" alt=\"Verify the checksum of your downloaded file against the provided message digest\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Then, unzip the file.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ unzip FileName.zip<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/d7c2b12d1a784e4683e25ab108d326da\/unzip-vfilename.png\" alt=\"unzip the file\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Next, move the CRS setup file from the new directory into your ModSecurity directory.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ mv coreruleset-3.3.0\/crs-setup.conf.example \/etc\/modsecurity\/crs-setup.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/cfe1cea325ae490dab9eaa32b0d2c6f6\/mv-coreruleset.png\" alt=\"move the CRS setup file\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">You can also choose to move the rules directory from the new directory to your ModSecurity directory. This step is optional.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ mv coreruleset-3.3.0\/rules\/ \/etc\/modsecurity\/<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/085d246520dd4bffbc0910ba65faa3b5\/mv-modsecurity.png\" alt=\"move the rules directory\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">After that, edit your Apache security2.conf file to ensure it\u2019ll load ModSecurity rules. As always, we use the nano editor.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ nano \/etc\/apache2\/mods-enabled\/security2.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">In the configuration file, make sure the following two lines are included. If not, add them into the file. When you finish the editing, save the file.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">IncludeOptional \/etc\/modsecurity\/*.conf\r\nInclude \/etc\/modsecurity\/rules\/*.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/6dfd5226ec47429db5690c7b6ed6f2e4\/ensure-rules-included.png\" alt=\"edit your Apache security2.conf file\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Restart the Apache service.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ systemctl restart apache2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/498287fff0d04ea4ab0de950ba616895\/restart-apache2.png\" alt=\"Restart the Apache service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">If you cannot restart Apache, go back to Apache security2.conf file and comment out this file path by adding a # in the beginning of the line: # IncludeOptional \/usr\/share\/modsecurity-crs\/owasp-crs.load.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ nano \/etc\/apache2\/mods-enabled\/security2.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/980a1e0f87bf4584a3db53a8ccdf1d40\/comment-out.png\" alt=\"Restart the Apache service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Now, you should be able to restart the Apache service.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ systemctl restart apache2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/498287fff0d04ea4ab0de950ba616895\/restart-apache2.png\" alt=\"Restart the Apache service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<h3 class=\"col col-md-12 d-h3 d-color-black d-fs-20 d-fw-600 d-lineheight-24 core-title\">Step 3. Test ModSecurity Configuration<\/h3>\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Now, we can create a test blocking rule and check if we will receive a 403 error and a ModSecurity log entry.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Edit your default Apache configuration file. If you haven&#8217;t changed the default Apache configuration file, it should be \/etc\/apache2\/sites-available\/000-default.conf. In this example, we have change the default file to \/etc\/apache2\/sites-available\/mytestsite.com.conf. Replace the default configuration file with your default configuration file.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ nano \/etc\/apache2\/sites-available\/000-default.conf<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/6c78e18331c74df3ad55f3d5ec688752\/nano-default-file.png\" alt=\"Edit your default Apache configuration file.\" width=\"800\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">At the bottom of the file, above , add the following custom ModSecurity rule. Feel free to change the id number and msg as desired.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ SecRuleEngine On\r\nSecRule ARGS:testparam \"@contains test\" \"id:999,deny,status:403,msg:'Test Successful'\"<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/31b00e31017a4819842a417a8919e3a6\/add-content-default-config.png\" alt=\"Edit your default Apache configuration file.\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Press Ctrl + X, then y and enter to save the changes.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Restart the Apache service.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ systemctl restart apache2<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/6dce8b9eaa794a18af0fcf3e50cde764\/restart-apache2.png\" alt=\"Restart the Apache service\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Open a browser, access your server IP or your domain on that server with ?testparam=test on the end (e.g. domain.com\/?testparam=test). In our case, we use mytestsite.com\/?testparam=test. As expected, we receive the 403 forbidden error.<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/c389fbd6d6f34abd82306b69bc0f5264\/test-success.png\" alt=\"Test success\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">In your Apache error log for ModSecurity errors, you can also search for this log using your error message (\u201cTest Successful\u201d) or id number (999):<\/p>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<pre class=\"d-fs-normal d-lineheight-26 mb-0\">$ cat \/var\/log\/apache2\/error.log | grep 'Test Successful'<\/pre>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<div class=\"d-text-start\"><img decoding=\"async\" class=\"d-img d-lazy-img\" src=\"https:\/\/images.cloudclusters.io\/9bb80d7f9042483abeba9bcc187c3f8f\/confirm-test-result-via-log.png\" alt=\"Search for error log\" width=\"600\" \/><\/div>\n<\/div>\n<\/div>\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">Afterwards, you can delete this test rule from your configuration file.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-title pt-10 pb-0\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-left d-text-left d-title-inner\">\n<h2 id=\"conclusion\" class=\"col col-md-10 d-h2 d-color-black  core-title\">Conclusion<\/h2>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"d-paragraph-card\">\n<div class=\"container\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters pt-4 pb-1\">\n<div class=\"col\">\n<div class=\"row row-cols-1  justify-content-start d-text-start d-title-inner no-gutters\">\n<div class=\"col\">\n<p class=\"mb-0\">installing the ModSecurity Apache module is a valuable step in enhancing the security of your web server and protecting your web applications against common attacks. By following the installation steps outlined in this blog, you can easily integrate ModSecurity into your Apache server and leverage its powerful features to detect and prevent various types of web vulnerabilities. The ModSecurity module, with its extensive rule set, provides an additional layer of defense, giving you peace of mind and helping you meet security requirements. Please do remember to regularly update the rule set and fine-tune the configuration to ensure optimal protection without impacting legitimate traffic.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>What is ModSecurity? ModSecurity is an open-source web application firewall (WAF) module for the Apache HTTP Server (Apache) and other web servers. It provides an additional layer of security by monitoring and filtering HTTP traffic between a client and a web application. The ModSecurity module is designed to protect web applications from various types of [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":1568,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1567","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux-hosting"],"_links":{"self":[{"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/posts\/1567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/comments?post=1567"}],"version-history":[{"count":1,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/posts\/1567\/revisions"}],"predecessor-version":[{"id":1569,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/posts\/1567\/revisions\/1569"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/media\/1568"}],"wp:attachment":[{"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/media?parent=1567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/categories?post=1567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/b2bhostingclub.com\/blog\/wp-json\/wp\/v2\/tags?post=1567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}