Question

Unable to setup ModSecurity

Posted September 7, 2021 60 views
LAMP StackDigitalOceanUbuntu 18.04

I have been attempting to follow the instructions here in order to install ModSecurity on a droplet. My final goal is to follow the instructions here to identify and whitelist some rules that are currently causing a 403 on my Wordpress site.

I have followed the instructions in the Digitalocaean guide to set up ModSecurity, however when I run the command sudo apachectl -M | grep --color security2 nothing is returned and after reloading apache there is no new log file at /var/log/apache2/modsec_audit.log.

For context, this is what was shown in the console when installed ModSecurity:

root@###-###-###-##:/var/log/apache2# sudo apt-get install libapache2-mod-security2 -y
Reading package lists... Done
Building dependency tree       
Reading state information... Done
libapache2-mod-security2 is already the newest version (2.9.2-1).
The following packages were automatically installed and are no longer required:
  grub-pc-bin libdumbnet1
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.

Can you help me understand what hasn’t worked? Or alternatively, is there a better way for me to identify the rule IDs of the events that are leading to my 403?

Many thanks

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hello @CuteTurquoiseRay ,

Check this tutorial, maybe solve your problem.

How To Set Up mod_security with Apache on Debian/Ubuntu

Hope that helps,
Sergio Turpín

by Jesin A
Here's how to set up mod_security with Apache on Debian/Ubuntu.