Mod_security on Debian Etch

Discussion in 'Server Operation' started by tsmaudio, Apr 23, 2007.

  1. tsmaudio

    tsmaudio New Member

    Hi Guys
    I have moved up to Debian Etch from sarge, and the
    "apt-get install libapache2-mod-security" command doesn't install it now.
    My apt source.list contains the same links as in the perfect set up for Debain Etch by falko (thanks falko)
    http://www.howtoforge.com/perfect_setup_debian_etch_p3

    Is there any issues with installing mod_security on Debian Etch, if not which is the best way to go about it?

    Cheers.
     
    Last edited: Apr 23, 2007
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Maybe the name of the package has changed a bit. Do you see the package when you run
    Code:
    apt-cache search apache
    ?
     
  3. tsmaudio

    tsmaudio New Member

    Hi Falko

    hope you are keeping well

    I have run
    apt-cache search apache, and it doen't seem to be mentioned at all.

    Any other sugestions on how to proceed.

    thanks again

    Tony​
     
  4. Ovidiu

    Ovidiu Active Member

    same trouble here :-( tried apt-cache search apache | grep secur and that did not yield any results that resembled what we were looking for...
     
  5. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I can't find it either, which leads me to the assumption that it is included in the normal Apache package. What's the output of
    Code:
    ls -l /etc/apache2/mods-available
    ?
     
  6. tsmaudio

    tsmaudio New Member

    This is the output of ls -l /etc/apache2/mods-available

    total 324
    -rw-r--r-- 1 root root 66 Mar 27 12:45 actions.load
    -rw-r--r-- 1 root root 62 Apr 22 19:02 alias.load
    -rw-r--r-- 1 root root 60 Mar 27 12:45 asis.load
    -rw-r--r-- 1 root root 72 Apr 22 19:02 auth_basic.load
    -rw-r--r-- 1 root root 74 Mar 27 12:45 auth_digest.load
    -rw-r--r-- 1 root root 74 Mar 27 12:45 authn_alias.load
    -rw-r--r-- 1 root root 72 Mar 27 12:45 authn_anon.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 authn_dbd.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 authn_dbm.load
    -rw-r--r-- 1 root root 78 Mar 27 12:45 authn_default.load
    -rw-r--r-- 1 root root 72 Apr 22 19:02 authn_file.load
    -rw-r--r-- 1 root root 90 Mar 27 12:45 authnz_ldap.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 authz_dbm.load
    -rw-r--r-- 1 root root 78 Apr 22 19:02 authz_default.load
    -rw-r--r-- 1 root root 82 Apr 22 19:02 authz_groupfile.load
    -rw-r--r-- 1 root root 72 Apr 22 19:02 authz_host.load
    -rw-r--r-- 1 root root 74 Mar 27 12:45 authz_owner.load
    -rw-r--r-- 1 root root 72 Apr 22 19:02 authz_user.load
    -rw-r--r-- 1 root root 70 Apr 22 19:02 autoindex.load
    -rw-r--r-- 1 root root 62 Mar 27 12:45 cache.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 cern_meta.load
    -rw-r--r-- 1 root root 58 Apr 22 19:02 cgi.load
    -rw-r--r-- 1 root root 68 Mar 27 12:45 cgid.conf
    -rw-r--r-- 1 root root 60 Mar 27 12:45 cgid.load
    -rw-r--r-- 1 root root 76 Mar 27 12:45 charset_lite.load
    -rw-r--r-- 1 root root 58 Mar 27 12:45 dav.load
    -rw-r--r-- 1 root root 36 Mar 27 12:45 dav_fs.conf
    -rw-r--r-- 1 root root 79 Mar 27 12:45 dav_fs.load
    -rw-r--r-- 1 root root 68 Mar 27 12:45 dav_lock.load
    -rw-r--r-- 1 root root 58 Mar 27 12:45 dbd.load
    -rw-r--r-- 1 root root 107 Mar 27 12:45 deflate.conf
    -rw-r--r-- 1 root root 66 Mar 27 12:45 deflate.load
    -rw-r--r-- 1 root root 136 Apr 22 19:02 dir.conf
    -rw-r--r-- 1 root root 58 Apr 22 19:02 dir.load
    -rw-r--r-- 1 root root 169 Mar 27 12:45 disk_cache.conf
    -rw-r--r-- 1 root root 89 Mar 27 12:45 disk_cache.load
    -rw-r--r-- 1 root root 64 Mar 27 12:45 dump_io.load
    -rw-r--r-- 1 root root 58 Apr 22 19:02 env.load
    -rw-r--r-- 1 root root 66 Mar 27 12:45 expires.load
    -rw-r--r-- 1 root root 72 Mar 27 12:45 ext_filter.load
    -rw-r--r-- 1 root root 89 Mar 27 12:45 file_cache.load
    -rw-r--r-- 1 root root 64 Mar 27 12:45 filter.load
    -rw-r--r-- 1 root root 66 Mar 27 12:45 headers.load
    -rw-r--r-- 1 root root 62 Mar 27 12:45 ident.load
    -rw-r--r-- 1 root root 68 Mar 27 12:45 imagemap.load
    -rw-r--r-- 1 root root 66 Apr 22 19:02 include.load
    -rw-r--r-- 1 root root 60 Mar 27 12:45 info.load
    -rw-r--r-- 1 root root 60 Mar 27 12:45 ldap.load
    -rw-r--r-- 1 root root 76 Mar 27 12:45 log_forensic.load
    -rw-r--r-- 1 root root 185 Mar 27 12:45 mem_cache.conf
    -rw-r--r-- 1 root root 87 Mar 27 12:45 mem_cache.load
    -rw-r--r-- 1 root root 60 Apr 22 19:02 mime.load
    -rw-r--r-- 1 root root 89 Mar 27 12:45 mime_magic.conf
    -rw-r--r-- 1 root root 72 Mar 27 12:45 mime_magic.load
    -rw-r--r-- 1 root root 74 Apr 22 19:02 negotiation.load
    -rw-r--r-- 1 root root 60 Mar 27 10:36 perl.load
    -rw-r--r-- 1 root root 133 Mar 8 08:48 php4.conf
    -rw-r--r-- 1 root root 59 Mar 8 08:48 php4.load
    -rw-r--r-- 1 root root 135 Apr 22 19:02 php5.conf
    -rw-r--r-- 1 root root 59 Apr 22 19:02 php5.load
    -rw-r--r-- 1 root root 589 Mar 27 12:45 proxy.conf
    -rw-r--r-- 1 root root 62 Mar 27 12:45 proxy.load
    -rw-r--r-- 1 root root 87 Mar 27 12:45 proxy_ajp.load
    -rw-r--r-- 1 root root 103 Mar 27 12:45 proxy_balancer.load
    -rw-r--r-- 1 root root 95 Mar 27 12:45 proxy_connect.load
    -rw-r--r-- 1 root root 87 Mar 27 12:45 proxy_ftp.load
    -rw-r--r-- 1 root root 89 Mar 27 12:45 proxy_http.load
    -rw-r--r-- 1 root root 66 Apr 22 19:02 rewrite.load
    -rw-r--r-- 1 root root 68 Apr 22 19:02 setenvif.load
    -rw-r--r-- 1 root root 298 Mar 27 12:45 sick-hack-to-update-modules
    -rw-r--r-- 1 root root 66 Mar 27 12:45 speling.load
    -rw-r--r-- 1 root root 1781 Apr 22 19:02 ssl.conf
    -rw-r--r-- 1 root root 58 Apr 22 19:02 ssl.load
    -rw-r--r-- 1 root root 64 Apr 22 19:02 status.load
    -rw-r--r-- 1 root root 64 Apr 22 19:02 suexec.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 unique_id.load
    -rw-r--r-- 1 root root 293 Mar 27 12:45 userdir.conf
    -rw-r--r-- 1 root root 66 Mar 27 12:45 userdir.load
    -rw-r--r-- 1 root root 70 Mar 27 12:45 usertrack.load
    -rw-r--r-- 1 root root 66 Mar 27 12:45 version.load
    -rw-r--r-- 1 root root 74 Mar 27 12:45 vhost_alias.load

    Cheers
    Tony
     
  7. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    No, it's not in there either... :confused:
     
  8. tsmaudio

    tsmaudio New Member

    Hi everyone
    Just wondered if anyone had any further help or advice on getting mod_security installed and working on Debian etch.

    I have tried downloading the latest release from
    http://www.modsecurity.org/

    and followed these install instructions
    http://www.modsecurity.org/documentation/modsecurity-apache/2.1.0/html-multipage/02-installation.html

    but after making the additions to the apache2.conf as described and then restarting apache, it comes up with a failed message saying module not found.

    I have done a "locate mod_security" and there is a entry now in
    /usr/lib/apache2/modules/mod_security2.so

    this is all that was located.


    I guess this install is not quite right for Debian Etch? any ideas

    Any help on how to install it would be very much appreciated.

    cheers.
     
  9. Ovidiu

    Ovidiu Active Member

    those links seem good, I'll give it a try these days and see if it works for me or if I come up with another idea...
     
  10. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What exactly did you add? What's the output of
    Code:
    apache2 -V
    ?
     
  11. tsmaudio

    tsmaudio New Member

    Hi falko

    I just added my mod_security configuration to the end of the apache2.conf
    with this line at the beginning as explained in the install instructions, "LoadModule security2_module modules/mod_security2.so"

    i.e
    LoadModule security2_module modules/mod_security2.so

    <IfModule mod_security.c>
    #Turn the filtering engine On or Off
    SecFilterEngine On
    # Change Server: string
    SecServerSignature " "

    etc...

    </IfModule>

    The output of apache2 -V is as follows:

    Server version: Apache/2.2.3
    Server built: Mar 27 2007 14:57:24
    Server's Module Magic Number: 20051115:3
    Server loaded: APR 1.2.7, APR-Util 1.2.7
    Compiled using: APR 1.2.7, APR-Util 1.2.7
    Architecture: 64-bit
    Server MPM: Prefork
    threaded: no
    forked: yes (variable process count)
    Server compiled with....
    -D APACHE_MPM_DIR="server/mpm/prefork"
    -D APR_HAS_SENDFILE
    -D APR_HAS_MMAP
    -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
    -D APR_USE_SYSVSEM_SERIALIZE
    -D APR_USE_PTHREAD_SERIALIZE
    -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
    -D APR_HAS_OTHER_CHILD
    -D AP_HAVE_RELIABLE_PIPED_LOGS
    -D DYNAMIC_MODULE_LIMIT=128
    -D HTTPD_ROOT=""
    -D SUEXEC_BIN="/usr/lib/apache2/suexec"
    -D DEFAULT_PIDLOG="/var/run/apache2.pid"
    -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
    -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
    -D DEFAULT_ERRORLOG="logs/error_log"
    -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
    -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"


    thanks again..
     
  12. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Please move this line to where the other LoadModule lines are.
    Is mod_security2.so located in the same directory as the other modules? What's the output of
    Code:
    updatedb
    locate mod_security2.so
    ?
     
  13. Ovidiu

    Ovidiu Active Member

    another maybe unrelated question, but I thought it might fit in her:

    after the upgrade there are a lot of new modules in the /etc/apache2/mods-enabled folder,.... is there a psot somewher explaining what these new moduels do and whic ones we coudl disable safely?

    i.e. I have these:

    I didn't activate all those auth* stuff, I activated and use: cache, fastcgi + fcgid (as I never found out how to use only one of them :) mem_cache + suexec... unsure about all the others except a few obvious ones like php4 and ssl - before the upgrade I was also using mod_security and dos_evasive which did not work after the upgrade so I took out their .load files until I fix the issue...
     
    Last edited: May 7, 2007
  14. tsmaudio

    tsmaudio New Member

    Hi guys

    The output is
    /usr/lib/apache2/modules/mod_security2.so

    This is the same directory as the other modules.
    The only place i can find any LoadModule lines is inside files in these directories

    /etc/apache2/mods-enabled

    alias.load cgi.load php5.load
    alias.load.22-04-07_19-02-23 cgi.load.22-04-07_19-02-23 php5.load.22-04-07_19-02-23
    auth_basic.load dir.conf rewrite.load
    auth_basic.load.22-04-07_19-02-23 dir.conf.22-04-07_19-02-23 rewrite.load.22-04-07_19-02-23
    authn_file.load dir.load setenvif.load
    authn_file.load.22-04-07_19-02-23 dir.load.22-04-07_19-02-23 setenvif.load.22-04-07_19-02-23
    authz_default.load env.load ssl.conf
    authz_default.load.22-04-07_19-02-23 env.load.22-04-07_19-02-23 ssl.conf.22-04-07_19-02-23
    authz_groupfile.load include.load ssl.load
    authz_groupfile.load.22-04-07_19-02-23 include.load.22-04-07_19-02-23 ssl.load.22-04-07_19-02-23
    authz_host.load mime.load status.load
    authz_host.load.22-04-07_19-02-23 mime.load.22-04-07_19-02-23 status.load.22-04-07_19-02-23
    authz_user.load negotiation.load suexec.load
    authz_user.load.22-04-07_19-02-23 negotiation.load.22-04-07_19-02-23 suexec.load.22-04-07_19-02-23
    autoindex.load php5.conf
    autoindex.load.22-04-07_19-02-23 php5.conf.22-04-07_19-02-23

    and

    /etc/apache2/mods-available


    actions.load authz_groupfile.load dav_lock.load headers.load php4.conf speling.load
    alias.load authz_host.load dbd.load ident.load php4.load ssl.conf
    asis.load authz_owner.load deflate.conf imagemap.load php5.conf ssl.load
    auth_basic.load authz_user.load deflate.load include.load php5.load status.load
    auth_digest.load autoindex.load dir.conf info.load proxy.conf suexec.load
    authn_alias.load cache.load dir.load ldap.load proxy.load unique_id.load
    authn_anon.load cern_meta.load disk_cache.conf log_forensic.load proxy_ajp.load userdir.conf
    authn_dbd.load cgi.load disk_cache.load mem_cache.conf proxy_balancer.load userdir.load
    authn_dbm.load cgid.conf dump_io.load mem_cache.load proxy_connect.load usertrack.load
    authn_default.load cgid.load env.load mime.load proxy_ftp.load version.load
    authn_file.load charset_lite.load expires.load mime_magic.conf proxy_http.load vhost_alias.load
    authnz_ldap.load dav.load ext_filter.load mime_magic.load rewrite.load
    authz_dbm.load dav_fs.conf file_cache.load negotiation.load setenvif.load
    authz_default.load dav_fs.load filter.load perl.load sick-hack-to-update-modules

    Not sure what to do, i am sorry i am still a bit of a newbie.....

    thanks again for any help.
     
  15. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I think I have to try mod_security myself on Etch before I can give any help. Seems a lot of things have changed...
     
  16. eze

    eze New Member

    I ran into this problem a while ago when upgrading. It seems the mod security package has been removed from debian due to some license issue. I found an unofficial package here: http://etc.inittab.org/~agi/debian/libapache-mod-security which installed successfully for me.

    Just add this line to /etc/apt/sources.list:

    deb http://etc.inittab.org/~agi/debian/libapache-mod-security ./

    then install with apt (note there is a different package for apache 2).

    There might be a better way to do this, but it fixed my issue - hopefully it helps someone else.
     
  17. Boogiebruva

    Boogiebruva New Member

    any more news on this? One client was dead impressed with mod_security but I can't for the life of me get it working on debian etch. Does anyone have a link to a detailed howto, or has the patience to write a step-by-step howto on installing mod_security with apache2 on debian etch? I have the feeling the author of such a howto will make friends for life!
    And yes, I have googled.
    Thanx in advance
     
  18. Boogiebruva

    Boogiebruva New Member

    Oh for crying out loud, I'm always doing this! Posting a question and finding the answer ten minutes later! I didn't read the last post properly - go here:-

    http://etc.inittab.org/~agi/debian/libapache-mod-security/etch/

    and download. The install asked for mod-security-common but synaptic dealt with that. Piece of cake in the end! Weeks of frustration and one happy client! Take note - read other posts carefully!!!
     
  19. tsmaudio

    tsmaudio New Member

    I have tried to install mod _security using the link provided by "eze".
    It installed without any problems, but when I am testing it using the methods described here http://www.debian-administration.org/articles/65

    It doesn't seem to be working or doing anything at all.
    I had this in the error.log

    [error] ModSecurity: ModSecurity requires mod_unique_id to be installed.

    So I looked to see if it was on the system and it seemed to be, so I just enabled it using

    a2enmod unique_id

    and restarted apache, but it made no difference, it was still doing nothing.

    I am wondering if anyone else has tested it to see if this install works?

    Any help would be a god send!

    Cheers
    T.
     
  20. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Do you still get that error now in the error log, or is it something else now?
     

Share This Page