• Nice tutorial! Thanks for walking me through this! Just a few observations:

    I encourage apachectl configtest instead of or at least prior to restarting Apache. Just good practice if you're working on a live site.

    The curl -i ... -A command doesn't seem to trigger ModSecurity. Not sure if that was a change in the rules or if I did something wrong.

    Don't forget to make the test script executable with chmod 744 or you'll get: -bash: /usr/share/doc/mod_evasive-1.10.1/test.pl: Permission denied

  • Thanks for the tutorial. The link to rules are a 404 and the latest rules don't work as mod_security rpm is an older version than 2.9.1 It would be great if you upgrade your tutorial to sort out this issues.

  • Hi Hitesh,

    trying this url to install mod security module "git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git" but getting error

    "fail to create operator: detect XSS"

    I am running vm with centos 7 and apache 2.4.7 . Can you please suggest where I am going wrong or this is the mod security bug.

  • I have try to run "git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git" and is run successfully. I doesn't see any error.

  • I am getting below error

    "AH00526: Syntax error on line 64 of ../crs/modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf: Error creating rule: Failed to resolve operator: detectXSS"

  • and I have installed mod security version 2.9.1 . below is error log

    ModSecurity: StatusEngine call: "2.9.1,Apache/2.4.6 (CentOS) Ope,1.4.8/1.4.8,8.32/8.32 2012-11-30,(null),2.9.1,0f4af4f43a5d3271426bb108d7146c1ffa4ff783"

    ModSecurity: StatusEngine call successfully sent. For more information visit: http://status.modsecurity.org/

  • thank you for the tutorial,,,do you have a mod security notification tutorial to the telegram may ask for the websaite ... because I want to learn it

  • Tutorial for Cetnos

  • What a unique idea really works for the connect of your device of the fix connections bluetooth audio devices wireless displays and with it many of the aim you can easily achieve for the expend of your device and lots of works be easily done with it.

Log In, Add a Comment