I found an article on http://www.debian-administration.org/articles/65, but it's older article and needs this to Debian Squeeze. Could anybody make a tutorial to me? Thanks!
Err .. search howtofoge.com better http://www.howtoforge.com/apache_mod_security it works on squeeze as well..
You does not read comments there. Read last comment: "Tried this on Squeeze for apache2: # apt-get install libapache2-mod-security Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package libapache2-mod-security So tried your one: apt-get install libapache-mod-security Which was installed into the mods-enabled dir. Sadly, your Sec* entries above fail: # /etc/init.d/apache2 restart Syntax error on line 219 of /etc/apache2/apache2.conf: Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration Action 'configtest' failed." That could be problem if i do this. Because I need a tutorial for this.
Did you enable the module after installation? It's probably something like Code: a2enmod mod-security or Code: a2enmod security Restart Apache afterwards.
Okay. I tried to install modsecurity, it does works. i understand why it is problem what it say in comment on debian-administratation.com. Do I need any more to configure it to more security?
Hi, Falko's Tutorial for installing mod security was good in 2007 but is now completely obsolete. Mod security has undergone many changes since then, and needs a totally different installation. Rather use this how-to: http://www.faqforge.com/linux/apache-mod-security-installation-on-debian-6-0-squeeze/
