Mike and all:
  I am runinng mod_security on RHEL AS 5 with IBM http server.
  I am able to compile the source and create .so file with your instruction.
  however, when I tried to start mod_secuirty, see the errors below:

Syntax error on line 4 of /opt/IBMIHS/conf/mod_security.conf:
API module structure `security2_module' in file /opt/IBMIHS/modules/mod_security2.so is garbled - perhaps this is not an Apache module DSO?

 do you see such issue at all?
 will appreciate any help.
  thanks in advance.
FYI, here is my compile steps:

1. install the following devel packages; it is required for RHEL 5
# yum install libxml2-devel lua-devel httpd-devel curl-devel pcre-devel


./configure  --with-apxs=/usr/sbin/apxs --with-apr=/usr/bin/apr-1-config --with-apu=/usr/bin/apu-1-config

On Fri, May 1, 2009 at 2:50 PM, Mike Duncan <Mike.Duncan@noaa.gov> wrote:
Hash: SHA1

Security Admin (NetSec) wrote:
> Probably been asked and answered; however this is my first time
> installing modsecurity on a Red Hat Linux Box.  On my OpenBSD systems I
> just downloaded the latest apache 2.x and compiled from source.  Then
> installed modsecurity 2.x with minimal issues.  Suspect I may have to do
> the same again but I hope not.  System is a fully patched RHEL 5.3 x64
> with the following version of apache running:
> *********************************************************
> Server version: Apache/2.2.3
> Server built:   Nov 12 2008 07:09:03
> Server's Module Magic Number: 20051115:3
> Server loaded:  APR 1.2.7, APR-Util 1.2.7
> Compiled using: APR 1.2.7, APR-Util 1.2.7
> Architecture:   64-bit
> Server MPM:     Prefork
>   threaded:     no
>     forked:     yes (variable process count)
> Server compiled with....
>  -D APACHE_MPM_DIR="server/mpm/prefork"
>  -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>  -D HTTPD_ROOT="/etc/httpd"
>  -D SUEXEC_BIN="/usr/sbin/suexec"
>  -D DEFAULT_PIDLOG="logs/httpd.pid"
>  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>  -D DEFAULT_LOCKFILE="logs/accept.lock"
>  -D DEFAULT_ERRORLOG="logs/error_log"
>  -D AP_TYPES_CONFIG_FILE="conf/mime.types"
>  -D SERVER_CONFIG_FILE="conf/httpd.conf"
> *******************************************************************************************
> When trying to install modsecurity-apache_2.5.9 I get the following
> error when running ./configure:
> configure: looking for Apache module support via DSO through APXS
> configure: error: couldn't find APXS

Could you send your complete configure line, with options included? Or,
did you just simply run ./configure?

> could not find this directory.  When I Google this error I found a
> ?apache2-threaded-dev? module might be needed but I could not find.  Any
> help regarding this installation issue would be appreciated.

The 'apache2-threaded-dev' is a package which contains apxs on some
distros (Ubuntu for sure as I needed to install this). For RHEL5, this
package is called 'httpd-devel', which you will need to subscribe to
Desktop Supplementary and/or RedHat Network Toolkit channels to get
access to.

This is what I had to do to get it compiled on RHEL5...

(after subscribing to the channels list above and running yum update)
# yum install libxml2-devel lua-devel httpd-devel curl-devel pcre-devel
# ./configure --with-apxs=/usr/sbin/apxs
# make
# make install

HTH. Thanks.

Mike Duncan
ISSO, Application Security Specialist
Government Contractor with STG, Inc.
NOAA :: National Climatic Data Center
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Register Now & Save for Velocity, the Web Performance & Operations
Conference from O'Reilly Media. Velocity features a full day of
expert-led, hands-on workshops and two days of sessions from industry
leaders in dedicated Performance & Operations tracks. Use code vel09scf
and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf
mod-security-users mailing list
Commercial ModSecurity Appliances, Rule Sets and Support: