Mod_security on Debian Etch

Hi Guys
I have moved up to Debian Etch from sarge, and the
"apt-get install libapache2-mod-security" command doesn't install it now.
My apt source.list contains the same links as in the perfect set up for Debain Etch by falko (thanks falko)
http://www.howtoforge.com/perfect_setup_debian_etch_p3

Is there any issues with installing mod_security on Debian Etch, if not which is the best way to go about it?

Cheers.

 

Maybe the name of the package has changed a bit. Do you see the package when you run

Code:

apt-cache search apache

?

 

Hi Falko

hope you are keeping well

I have run

apt-cache search apache, and it doen't seem to be mentioned at all.

Any other sugestions on how to proceed.

thanks again

Tony​

 

same trouble here :-( tried apt-cache search apache | grep secur and that did not yield any results that resembled what we were looking for...

 

I can't find it either, which leads me to the assumption that it is included in the normal Apache package. What's the output of

Code:

ls -l /etc/apache2/mods-available

?

 

This is the output of ls -l /etc/apache2/mods-available

total 324
-rw-r--r-- 1 root root 66 Mar 27 12:45 actions.load
-rw-r--r-- 1 root root 62 Apr 22 19:02 alias.load
-rw-r--r-- 1 root root 60 Mar 27 12:45 asis.load
-rw-r--r-- 1 root root 72 Apr 22 19:02 auth_basic.load
-rw-r--r-- 1 root root 74 Mar 27 12:45 auth_digest.load
-rw-r--r-- 1 root root 74 Mar 27 12:45 authn_alias.load
-rw-r--r-- 1 root root 72 Mar 27 12:45 authn_anon.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 authn_dbd.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 authn_dbm.load
-rw-r--r-- 1 root root 78 Mar 27 12:45 authn_default.load
-rw-r--r-- 1 root root 72 Apr 22 19:02 authn_file.load
-rw-r--r-- 1 root root 90 Mar 27 12:45 authnz_ldap.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 authz_dbm.load
-rw-r--r-- 1 root root 78 Apr 22 19:02 authz_default.load
-rw-r--r-- 1 root root 82 Apr 22 19:02 authz_groupfile.load
-rw-r--r-- 1 root root 72 Apr 22 19:02 authz_host.load
-rw-r--r-- 1 root root 74 Mar 27 12:45 authz_owner.load
-rw-r--r-- 1 root root 72 Apr 22 19:02 authz_user.load
-rw-r--r-- 1 root root 70 Apr 22 19:02 autoindex.load
-rw-r--r-- 1 root root 62 Mar 27 12:45 cache.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 cern_meta.load
-rw-r--r-- 1 root root 58 Apr 22 19:02 cgi.load
-rw-r--r-- 1 root root 68 Mar 27 12:45 cgid.conf
-rw-r--r-- 1 root root 60 Mar 27 12:45 cgid.load
-rw-r--r-- 1 root root 76 Mar 27 12:45 charset_lite.load
-rw-r--r-- 1 root root 58 Mar 27 12:45 dav.load
-rw-r--r-- 1 root root 36 Mar 27 12:45 dav_fs.conf
-rw-r--r-- 1 root root 79 Mar 27 12:45 dav_fs.load
-rw-r--r-- 1 root root 68 Mar 27 12:45 dav_lock.load
-rw-r--r-- 1 root root 58 Mar 27 12:45 dbd.load
-rw-r--r-- 1 root root 107 Mar 27 12:45 deflate.conf
-rw-r--r-- 1 root root 66 Mar 27 12:45 deflate.load
-rw-r--r-- 1 root root 136 Apr 22 19:02 dir.conf
-rw-r--r-- 1 root root 58 Apr 22 19:02 dir.load
-rw-r--r-- 1 root root 169 Mar 27 12:45 disk_cache.conf
-rw-r--r-- 1 root root 89 Mar 27 12:45 disk_cache.load
-rw-r--r-- 1 root root 64 Mar 27 12:45 dump_io.load
-rw-r--r-- 1 root root 58 Apr 22 19:02 env.load
-rw-r--r-- 1 root root 66 Mar 27 12:45 expires.load
-rw-r--r-- 1 root root 72 Mar 27 12:45 ext_filter.load
-rw-r--r-- 1 root root 89 Mar 27 12:45 file_cache.load
-rw-r--r-- 1 root root 64 Mar 27 12:45 filter.load
-rw-r--r-- 1 root root 66 Mar 27 12:45 headers.load
-rw-r--r-- 1 root root 62 Mar 27 12:45 ident.load
-rw-r--r-- 1 root root 68 Mar 27 12:45 imagemap.load
-rw-r--r-- 1 root root 66 Apr 22 19:02 include.load
-rw-r--r-- 1 root root 60 Mar 27 12:45 info.load
-rw-r--r-- 1 root root 60 Mar 27 12:45 ldap.load
-rw-r--r-- 1 root root 76 Mar 27 12:45 log_forensic.load
-rw-r--r-- 1 root root 185 Mar 27 12:45 mem_cache.conf
-rw-r--r-- 1 root root 87 Mar 27 12:45 mem_cache.load
-rw-r--r-- 1 root root 60 Apr 22 19:02 mime.load
-rw-r--r-- 1 root root 89 Mar 27 12:45 mime_magic.conf
-rw-r--r-- 1 root root 72 Mar 27 12:45 mime_magic.load
-rw-r--r-- 1 root root 74 Apr 22 19:02 negotiation.load
-rw-r--r-- 1 root root 60 Mar 27 10:36 perl.load
-rw-r--r-- 1 root root 133 Mar 8 08:48 php4.conf
-rw-r--r-- 1 root root 59 Mar 8 08:48 php4.load
-rw-r--r-- 1 root root 135 Apr 22 19:02 php5.conf
-rw-r--r-- 1 root root 59 Apr 22 19:02 php5.load
-rw-r--r-- 1 root root 589 Mar 27 12:45 proxy.conf
-rw-r--r-- 1 root root 62 Mar 27 12:45 proxy.load
-rw-r--r-- 1 root root 87 Mar 27 12:45 proxy_ajp.load
-rw-r--r-- 1 root root 103 Mar 27 12:45 proxy_balancer.load
-rw-r--r-- 1 root root 95 Mar 27 12:45 proxy_connect.load
-rw-r--r-- 1 root root 87 Mar 27 12:45 proxy_ftp.load
-rw-r--r-- 1 root root 89 Mar 27 12:45 proxy_http.load
-rw-r--r-- 1 root root 66 Apr 22 19:02 rewrite.load
-rw-r--r-- 1 root root 68 Apr 22 19:02 setenvif.load
-rw-r--r-- 1 root root 298 Mar 27 12:45 sick-hack-to-update-modules
-rw-r--r-- 1 root root 66 Mar 27 12:45 speling.load
-rw-r--r-- 1 root root 1781 Apr 22 19:02 ssl.conf
-rw-r--r-- 1 root root 58 Apr 22 19:02 ssl.load
-rw-r--r-- 1 root root 64 Apr 22 19:02 status.load
-rw-r--r-- 1 root root 64 Apr 22 19:02 suexec.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 unique_id.load
-rw-r--r-- 1 root root 293 Mar 27 12:45 userdir.conf
-rw-r--r-- 1 root root 66 Mar 27 12:45 userdir.load
-rw-r--r-- 1 root root 70 Mar 27 12:45 usertrack.load
-rw-r--r-- 1 root root 66 Mar 27 12:45 version.load
-rw-r--r-- 1 root root 74 Mar 27 12:45 vhost_alias.load

Cheers
Tony

 

No, it's not in there either...

 

Hi everyone
Just wondered if anyone had any further help or advice on getting mod_security installed and working on Debian etch.

I have tried downloading the latest release from
http://www.modsecurity.org/

and followed these install instructions
http://www.modsecurity.org/documentation/modsecurity-apache/2.1.0/html-multipage/02-installation.html

but after making the additions to the apache2.conf as described and then restarting apache, it comes up with a failed message saying module not found.

I have done a "locate mod_security" and there is a entry now in
/usr/lib/apache2/modules/mod_security2.so

this is all that was located.


I guess this install is not quite right for Debian Etch? any ideas

Any help on how to install it would be very much appreciated.

cheers.

 

those links seem good, I'll give it a try these days and see if it works for me or if I come up with another idea...

 

What exactly did you add? What's the output of

Code:

apache2 -V

?

 

Hi falko

I just added my mod_security configuration to the end of the apache2.conf
with this line at the beginning as explained in the install instructions, "LoadModule security2_module modules/mod_security2.so"

i.e
LoadModule security2_module modules/mod_security2.so

<IfModule mod_security.c>
#Turn the filtering engine On or Off
SecFilterEngine On
# Change Server: string
SecServerSignature " "

etc...

</IfModule>

The output of apache2 -V is as follows:

Server version: Apache/2.2.3
Server built: Mar 27 2007 14:57:24
Server's Module Magic Number: 20051115:3
Server loaded: APR 1.2.7, APR-Util 1.2.7
Compiled using: APR 1.2.7, APR-Util 1.2.7
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT=""
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"


thanks again..

 

Please move this line to where the other LoadModule lines are.
Is mod_security2.so located in the same directory as the other modules? What's the output of

Code:

updatedb
locate mod_security2.so

?

 

another maybe unrelated question, but I thought it might fit in her:

after the upgrade there are a lot of new modules in the /etc/apache2/mods-enabled folder,.... is there a psot somewher explaining what these new moduels do and whic ones we coudl disable safely?

i.e. I have these:

I didn't activate all those auth* stuff, I activated and use: cache, fastcgi + fcgid (as I never found out how to use only one of them mem_cache + suexec... unsure about all the others except a few obvious ones like php4 and ssl - before the upgrade I was also using mod_security and dos_evasive which did not work after the upgrade so I took out their .load files until I fix the issue...

 

Hi guys

The output is
/usr/lib/apache2/modules/mod_security2.so

This is the same directory as the other modules.
The only place i can find any LoadModule lines is inside files in these directories

/etc/apache2/mods-enabled

alias.load cgi.load php5.load
alias.load.22-04-07_19-02-23 cgi.load.22-04-07_19-02-23 php5.load.22-04-07_19-02-23
auth_basic.load dir.conf rewrite.load
auth_basic.load.22-04-07_19-02-23 dir.conf.22-04-07_19-02-23 rewrite.load.22-04-07_19-02-23
authn_file.load dir.load setenvif.load
authn_file.load.22-04-07_19-02-23 dir.load.22-04-07_19-02-23 setenvif.load.22-04-07_19-02-23
authz_default.load env.load ssl.conf
authz_default.load.22-04-07_19-02-23 env.load.22-04-07_19-02-23 ssl.conf.22-04-07_19-02-23
authz_groupfile.load include.load ssl.load
authz_groupfile.load.22-04-07_19-02-23 include.load.22-04-07_19-02-23 ssl.load.22-04-07_19-02-23
authz_host.load mime.load status.load
authz_host.load.22-04-07_19-02-23 mime.load.22-04-07_19-02-23 status.load.22-04-07_19-02-23
authz_user.load negotiation.load suexec.load
authz_user.load.22-04-07_19-02-23 negotiation.load.22-04-07_19-02-23 suexec.load.22-04-07_19-02-23
autoindex.load php5.conf
autoindex.load.22-04-07_19-02-23 php5.conf.22-04-07_19-02-23

and

/etc/apache2/mods-available


actions.load authz_groupfile.load dav_lock.load headers.load php4.conf speling.load
alias.load authz_host.load dbd.load ident.load php4.load ssl.conf
asis.load authz_owner.load deflate.conf imagemap.load php5.conf ssl.load
auth_basic.load authz_user.load deflate.load include.load php5.load status.load
auth_digest.load autoindex.load dir.conf info.load proxy.conf suexec.load
authn_alias.load cache.load dir.load ldap.load proxy.load unique_id.load
authn_anon.load cern_meta.load disk_cache.conf log_forensic.load proxy_ajp.load userdir.conf
authn_dbd.load cgi.load disk_cache.load mem_cache.conf proxy_balancer.load userdir.load
authn_dbm.load cgid.conf dump_io.load mem_cache.load proxy_connect.load usertrack.load
authn_default.load cgid.load env.load mime.load proxy_ftp.load version.load
authn_file.load charset_lite.load expires.load mime_magic.conf proxy_http.load vhost_alias.load
authnz_ldap.load dav.load ext_filter.load mime_magic.load rewrite.load
authz_dbm.load dav_fs.conf file_cache.load negotiation.load setenvif.load
authz_default.load dav_fs.load filter.load perl.load sick-hack-to-update-modules

Not sure what to do, i am sorry i am still a bit of a newbie.....

thanks again for any help.

 

I think I have to try mod_security myself on Etch before I can give any help. Seems a lot of things have changed...

 

I ran into this problem a while ago when upgrading. It seems the mod security package has been removed from debian due to some license issue. I found an unofficial package here: http://etc.inittab.org/~agi/debian/libapache-mod-security which installed successfully for me.

Just add this line to /etc/apt/sources.list:

deb http://etc.inittab.org/~agi/debian/libapache-mod-security ./

then install with apt (note there is a different package for apache 2).

There might be a better way to do this, but it fixed my issue - hopefully it helps someone else.

 

any more news on this? One client was dead impressed with mod_security but I can't for the life of me get it working on debian etch. Does anyone have a link to a detailed howto, or has the patience to write a step-by-step howto on installing mod_security with apache2 on debian etch? I have the feeling the author of such a howto will make friends for life!
And yes, I have googled.
Thanx in advance

 

Oh for crying out loud, I'm always doing this! Posting a question and finding the answer ten minutes later! I didn't read the last post properly - go here:-

http://etc.inittab.org/~agi/debian/libapache-mod-security/etch/

and download. The install asked for mod-security-common but synaptic dealt with that. Piece of cake in the end! Weeks of frustration and one happy client! Take note - read other posts carefully!!!

 

I have tried to install mod _security using the link provided by "eze".
It installed without any problems, but when I am testing it using the methods described here http://www.debian-administration.org/articles/65

It doesn't seem to be working or doing anything at all.
I had this in the error.log

[error] ModSecurity: ModSecurity requires mod_unique_id to be installed.

So I looked to see if it was on the system and it seemed to be, so I just enabled it using

a2enmod unique_id

and restarted apache, but it made no difference, it was still doing nothing.

I am wondering if anyone else has tested it to see if this install works?

Any help would be a god send!

Cheers
T.

 

Do you still get that error now in the error log, or is it something else now?