ModSecurity(tm) is an open source, free web application firewall (WAF)
Apache module. WAFs are deployed to establish an external security layer
that increases security, detects and prevents attacks before they reach
web applications. It provides protection from a range of attacks against
web applications and allows for HTTP traffic monitoring and real-time
analysis with little or no changes to existing infrastructure.
You can get started with ModSecurity by adding the following lines
to the appropriate sections of Apache's main configuration file (x86
architecture):
LoadModule security2_module lib/httpd/modules/mod_security2.so
Include /etc/httpd/extra/modsecurity-recommended.conf
Also refer to the file /etc/httpd/crs/INSTALL for information on how to
get the Core Rule Set (CRS) up and running.
This SlackBuild will also verify the PGP signature of the package if
the following conditions are met:
- You have GnuPG installed
- You have the appropriate public PGP key (0xE4BCD2EA82E67A45)
in your trustedkeys.gpg keyring
- You have downloaded the sig file from
https://www.modsecurity.org/tarball/${VERSION}/modsecurity-${VERSION}.tar.gz.asc
lua is an optional dependency.