I have been attempting to follow the instructions here in order to install ModSecurity on a droplet. My final goal is to follow the instructions here to identify and whitelist some rules that are currently causing a 403 on my Wordpress site.
I have followed the instructions in the Digitalocaean guide to set up ModSecurity, however when I run the command
sudo apachectl -M | grep --color security2 nothing is returned and after reloading apache there is no new log file at
For context, this is what was shown in the console when installed ModSecurity:
root@###-###-###-##:/var/log/apache2# sudo apt-get install libapache2-mod-security2 -y Reading package lists... Done Building dependency tree Reading state information... Done libapache2-mod-security2 is already the newest version (2.9.2-1). The following packages were automatically installed and are no longer required: grub-pc-bin libdumbnet1 Use 'sudo apt autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
Can you help me understand what hasn’t worked? Or alternatively, is there a better way for me to identify the rule IDs of the events that are leading to my 403?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $100 of credit to try our products over 60 days!