[Bash Shell Script] CentOS 7 Mod_Security2 설치 및 Mod_audit 로깅 설정 쉘 스크립트

 

• CentOS 7 Mod_Security2 설치 및 Mod_audit 로깅 설정 쉘 스크립트

root 계정으로 실행 및 Apache는 기존에 설치되어있는 환경 이어야 합니다.

#!/bin/bash
yum -y install gcc gcc-c++ httpd-devel &&
cd /root &&
wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz &&
tar xvfz /root/pcre-8.43.tar.gz &&

cd /root/pcre-8.43 &&
./configure --prefix=/usr/local/pcre &&
make &&
make install &&

cd /usr/local/src &&
wget ftp://xmlsoft.org/libxml2/libxml2-2.7.7.tar.gz &&
tar xvzf /usr/local/src/libxml2-2.7.7.tar.gz  &&
cd /usr/local/src/libxml2-2.7.7 &&
./configure --prefix=/usr/local/xml  &&
make && make install &&

cd /root &&
wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz &&
tar -zxvf /root/modsecurity-2.9.1.tar.gz &&
cd /root/modsecurity-2.9.1 &&
./configure \
--with-apr=/usr/bin/apr-1-config \
--with-apu=/usr/bin/apu-1-config
make && make install

perl -p -i -e '$.==57 and print "LoadModule security2_module modules/mod_security2.so\n"' /etc/httpd/conf/httpd.conf

cat <<EOF > /etc/httpd/conf.d/mod_security.conf
<IfModule mod_security2.c>
        SecRuleEngine DetectionOnly
        SecAuditEngine On
        SecAuditLog /var/log/httpd/modsec_audit.log
        SecAuditLogType Serial
        SecRequestBodyAccess on
        SecAuditLogParts ABIJDFHZ
</IfModule>
EOF