Hey,

I’m a newbie here and facing a couple issue with my droplet. Wanted to harden the security of my Ubuntu droplet but facing some issues. Googled a lot but can’t see any solution of these problems. Any suggestion on how to fix these?

1.) How can I update OWASP modsecurity core rule set? Right now I am using 2.2.4 and the latest version is 2.2.9 (https://github.com/SpiderLabs/owasp-modsecurity-crs)

2. I have installed mod_security. When I add the new symlinks to apache '/etc/apache2/mods-available/security2.conf" I get the following error:

Job for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.

When I comment the line line --> Include “/etc/modsecurity/activated_rules/*.conf” Apache starts working again.

3. In /etc/sysctl.conf when I add these rules

Disable source packet routing

net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0

Log Martians

net.ipv4.icmp_ignore_bogus_error_respons­es = 1

and reloaded the new rules by “sudo service procps start”

I get the following error after running “sysctl -p”

sysctl: cannot stat /proc/sys/net/ipv4/conf/default/accept_source_rout­e: No such file or directory sysctl: cannot stat /proc/sys/net/ipv6/conf/default/accept_source_rout­e: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/icmp_ignore_bogus_error_respons­es: No such file or directory