How Mod_Security Apache Helps in Web Security ?

  • June 17th, 2016
  • By Amal S
  • Blog
  • We are now living in an era where the terms such as “Web Hosting”, “Server Maintenance“, “Cloud Service” getting importance day by day. The majority of the business organizations are now opting server management services due to its affordability and scalability. Server management is suitable for business of any size and operations and it is highly customizable. Now there certified server maintenance providers in the market. They are offering 24/ 7 server management services.

    Even though the support from the server management systems is there to support different business organizations, the security of the data which is stored virtually is an important thing. On an administrators point view, there are certain coding algorithms which they can use to ensure the web security for their clients. Mod_security is one of the apache used to ensure web security.

    Before getting into mod_security let’s see what does an “apache” means. Apache is one of the popular web servers in the world. It is freely available and it is an open source. Due to its ease of administration flexibility, it is highly accepted among server maintenance people. The strength of Apache is its flexible modules. To support SSL encryption, it helps the Apache in natively rewriting URLs. This provides the server maintenance team or administrators to meet their needs.

    Let’s come again to our topic – Mod_ Security. It is an apache module and it helps you to protect you from various web attacks. It includes hacking attacks. It defaults on In Motion servers. Mod_security block the web from the attacks using regular expressions and rule sets. The main attacks faced by servers are the common code injection attacks. So through blocking those, it strengthens the security of the server. Mod_security helps those who lack security codes in their websites.

    How Mod_Security helps to secure your website?

    The major benefits of mod_security include:

    Access to HTTP traffic stream:

    The major benefit of using mod security is that it gives the administrator access to HTTP traffic stream. Not only giving access but also it provides the facility to inspect it. This paves for monitoring of security in real-time.

    Virtual Patching:

    The concept of keeping the vulnerability mitigation in a separate layer is called virtual patching. Here you don’t need to touch the application to fix the problems. It is suitable for sites with a communication protocol.

    Full HTTP traffic logging

    Another benefit which mod_security brings is Full HTTP traffic logging. The mod_security gives you the facility to log anything you need. Apart from this which part of the transaction is logged or sanitized can be understood by this.

    Passive monitoring in a continues assessment

    Instead of focusing on the external parties who try to perform a simulated attack, in continues passive security assessment, the system itself is focused. It is an early warning system used to trace the abnormalities. So mod_security helps the server maintenance team to perform regular security check ups.

    It facilitates web application hardening

    Another advantage you get through Mod_Security is the attack surface reduction. It is the process of enforcing some similar restrictions. Here the process of selectively narrow down the HTTP features is which you are willing to accept is what happening. Such facilities make the mod_security the favorite of server maintenance people.

    How to install Mod_Security?

    Different types of apache include mod_security, mod_access, and proxy_module. Here in this article, the installation of mod_security is mentioned. Installation of the mod_security apache helps to prevent various attacks such as SQL injection, Trojans, Cross-site scripting etc. Let us get into the installation procedure.

    Here the server should be updated and you have to install apache.

    * yum -y install HTTP

    Install the following dependencies for the proper working of Mod_Security.

    * yum -y install httpd-devel ibxml2-devel git curl-devel gcc libxml2 l pcre-devel make

    You can install mod_security via command line or compilation.

    1) Install mod_security via compilation.

    Download and extract the package

    * cd /usr/local/src

    * wget

    * tar xzfv modsecurity-2.9.1.tar.gz

    * cd modsecurity-2.9.1

    Configure and compile the source code.



    make install

    2) Install mod_security via command.

    * Installation – Ubuntu/Debian

    apt-get install libapache2-mod-security

    a2enmod mod-security

    /etc/init.d/apache2 force-reload

    * Installation – Fedora/CentOS

    yum install mod_security

    /etc/init.d/httpd restart

    Copy the default Mod_Security configuration and Unicode mapping file to the Apache directory.

    cp modsecurity.conf-recommended /etc/HTTP/conf.d/modsecurity.conf

    cp Unicode.mapping /etc/httpd/conf.d/

    Here, It is needed to configure Apache to use Mod_Security. Open apache configuration file and add the following lines:

    vi /etc/HTTP/conf/httpd.conf

    LoadModule security2_module modules/

    You can now start Apache and configure it to start at boot.

    service https start

    chk config https on

    Mod_Security supplies an array of request filtering and other security features to the Apache HTTP Server, IIS, and NGINX. Mod_Security is a web application layer firewall. Mod_Security is free software released under the Apache license 2.0. Use this apache to ensure the safety of the website. It can save the website from all web attacks.

    Recent Post

    Looking for a reliable 24/7 support provider?

    Contact US Today

    Contact Us