Hey,

I’m a newbie here and facing a couple issue with my droplet. Wanted to harden the security of my Ubuntu droplet but facing some issues. Googled a lot but can’t see any solution of these problems. Any suggestion on how to fix these?

1.) How can I update OWASP modsecurity core rule set? Right now I am using 2.2.4 and the latest version is 2.2.9 (https://github.com/SpiderLabs/owasp-modsecurity-crs)

2) I have installed mod_security. When I add the new symlinks to apache ’/etc/apache2/mods-available/security2.conf" I get the following error:

Job for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.

When I comment the line line –> Include “/etc/modsecurity/activated_rules/*.conf”
Apache starts working again.

3) In /etc/sysctl.conf when I add these rules

Disable source packet routing

net.ipv4.conf.all.acceptsourceroute = 0
net.ipv6.conf.all.acceptsourceroute = 0

Log Martians

net.ipv4.icmpignoreboguserrorrespons­es = 1

and reloaded the new rules by “sudo service procps start”

I get the following error after running “sysctl -p”

sysctl: cannot stat /proc/sys/net/ipv4/conf/default/acceptsourcerout­e: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv6/conf/default/acceptsourcerout­e: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/icmpignoreboguserrorrespons­es: No such file or directory