Re: [mod-security-users] Installing modsecurity on Red Hat 5.3 x64
Brought to you by:
victorhora,
zimmerletw
From: Yi Li <yi...@gm...> - 2009-06-23 19:53:38
|
Mike and all: I am runinng mod_security on RHEL AS 5 with IBM http server. I am able to compile the source and create .so file with your instruction. however, when I tried to start mod_secuirty, see the errors below: Syntax error on line 4 of /opt/IBMIHS/conf/mod_security.conf: API module structure `security2_module' in file /opt/IBMIHS/modules/mod_security2.so is garbled - perhaps this is not an Apache module DSO? do you see such issue at all? will appreciate any help. thanks in advance. FYI, here is my compile steps: 1. install the following devel packages; it is required for RHEL 5 # yum install libxml2-devel lua-devel httpd-devel curl-devel pcre-devel 2. ./configure --with-apxs=/usr/sbin/apxs --with-apr=/usr/bin/apr-1-config --with-apu=/usr/bin/apu-1-config On Fri, May 1, 2009 at 2:50 PM, Mike Duncan <Mik...@no...> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Security Admin (NetSec) wrote: > > Probably been asked and answered; however this is my first time > > installing modsecurity on a Red Hat Linux Box. On my OpenBSD systems I > > just downloaded the latest apache 2.x and compiled from source. Then > > installed modsecurity 2.x with minimal issues. Suspect I may have to do > > the same again but I hope not. System is a fully patched RHEL 5.3 x64 > > with the following version of apache running: > > > > ********************************************************* > > > > Server version: Apache/2.2.3 > > > > Server built: Nov 12 2008 07:09:03 > > > > Server's Module Magic Number: 20051115:3 > > > > Server loaded: APR 1.2.7, APR-Util 1.2.7 > > > > Compiled using: APR 1.2.7, APR-Util 1.2.7 > > > > Architecture: 64-bit > > > > Server MPM: Prefork > > > > threaded: no > > > > forked: yes (variable process count) > > > > Server compiled with.... > > > > -D APACHE_MPM_DIR="server/mpm/prefork" > > > > -D APR_HAS_SENDFILE > > > > -D APR_HAS_MMAP > > > > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > > > > -D APR_USE_SYSVSEM_SERIALIZE > > > > -D APR_USE_PTHREAD_SERIALIZE > > > > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > > > > -D APR_HAS_OTHER_CHILD > > > > -D AP_HAVE_RELIABLE_PIPED_LOGS > > > > -D DYNAMIC_MODULE_LIMIT=128 > > > > -D HTTPD_ROOT="/etc/httpd" > > > > -D SUEXEC_BIN="/usr/sbin/suexec" > > > > -D DEFAULT_PIDLOG="logs/httpd.pid" > > > > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > > > > -D DEFAULT_LOCKFILE="logs/accept.lock" > > > > -D DEFAULT_ERRORLOG="logs/error_log" > > > > -D AP_TYPES_CONFIG_FILE="conf/mime.types" > > > > -D SERVER_CONFIG_FILE="conf/httpd.conf" > > > > > ******************************************************************************************* > > > > When trying to install modsecurity-apache_2.5.9 I get the following > > error when running ./configure: > > > > > > > > configure: looking for Apache module support via DSO through APXS > > > > configure: error: couldn't find APXS > > Could you send your complete configure line, with options included? Or, > did you just simply run ./configure? > > > > > > > > > could not find this directory. When I Google this error I found a > > ?apache2-threaded-dev? module might be needed but I could not find. Any > > help regarding this installation issue would be appreciated. > > The 'apache2-threaded-dev' is a package which contains apxs on some > distros (Ubuntu for sure as I needed to install this). For RHEL5, this > package is called 'httpd-devel', which you will need to subscribe to > Desktop Supplementary and/or RedHat Network Toolkit channels to get > access to. > > This is what I had to do to get it compiled on RHEL5... > > (after subscribing to the channels list above and running yum update) > # yum install libxml2-devel lua-devel httpd-devel curl-devel pcre-devel > # ./configure --with-apxs=/usr/sbin/apxs > # make > # make install > > > HTH. Thanks. > > Mike Duncan > ISSO, Application Security Specialist > Government Contractor with STG, Inc. > NOAA :: National Climatic Data Center > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkn7RJEACgkQnvIkv6fg9hY2iACfVWLfzTnBJGHl2eMloEBGQ5vl > RogAn0XYQpXsoOTzB03Kxvp6/lEDvd5o > =cojq > -----END PGP SIGNATURE----- > > > ------------------------------------------------------------------------------ > Register Now & Save for Velocity, the Web Performance & Operations > Conference from O'Reilly Media. Velocity features a full day of > expert-led, hands-on workshops and two days of sessions from industry > leaders in dedicated Performance & Operations tracks. Use code vel09scf > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Appliances, Rule Sets and Support: > http://www.modsecurity.org/breach/index.html > |