- DOWNLOAD APACHE WEB SERVER OPEN SUSE INSTALL
- DOWNLOAD APACHE WEB SERVER OPEN SUSE ARCHIVE
- DOWNLOAD APACHE WEB SERVER OPEN SUSE CODE
usr/lib/apr-1/build/libtool -silent -mode=install cp mod_security2.la /usr/lib/apache2/ Make: Entering directory `/usr/src/modsecurity-apache_2.1.1/apache2'
DOWNLOAD APACHE WEB SERVER OPEN SUSE INSTALL
Linux-1reo:/usr/src/modsecurity-apache_2.1.1/apache2 # make install Msc_multipart.c:520: warning: passing argument 1 of ?ap_strstr? discards qualifiers Msc_multipart.c: In function ?multipart_init?: I /usr/include/libxml2 -I/usr/include/apache2 -I. DAP_DEBUG -DSSL_EXPERIMENTAL_ENGINE -DMAX_SERVER_LIMIT=200000 -DLDAP_DEPRECATED Wsign-compare -DWITH_LIBXML2 -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts usr/lib/apr-1/build/libtool -silent -mode=compile gcc -pthread -O2 -g -Wuninitialized linux-1reo:/usr/src/modsecurity-apache_2.1.1/apache2 # make
DOWNLOAD APACHE WEB SERVER OPEN SUSE CODE
The final step in compiling the source code is to clean up any files left behind by issuing the “make clean” command as shown in Figure 5. Once these values have been altered and correctly set you can begin compiling the source code by issuing the command “make” followed by a “make install” which compiles the source code and produce binary files which are placed into there correct locations. Table 2: “Makefile” variables and values. The correct values are listen in Table 2. The variables that need to be alter are “top_dir” as it currently points to “/app/apache22” which is incorrect, “APXS” value is also incorrect as SUSE uses a different command and “APACHECTL” value is also incorrect.
The “Makefile” is located within the “modsecurity-apache_2.1.1/apache2” directory. The “modsecurity-apache_2.1.1/apache2” directory contains the mod_security source code along with the “Makefile” that needs to be altered to contain SUSE’s paths and binaries.
DOWNLOAD APACHE WEB SERVER OPEN SUSE ARCHIVE
Once the compressed tarball archive has been decompressed you should have a directory similar to “modsecurity-apache_2.1.1/apache2” within your current working directory. The packages listed in Table 1 can be installed with the “yast” or the “yast2” command, in this article we will be using the “yast” command from the command line as shown in Figure 3. Includes files and libraries mandatory for development.Ī library for Perl-compatible regular expressions. The packages that are require are listed in Table 1, these dependencies are all development packages, as we are compiling from source, you may also want to check you have the “C/C++ Compiler and tools” installed (gcc, g++, etc). Mod_security has a few dependencies that need to be installed. The next step that needs to be done before extracting the tarball archive is installing the dependencies that mod_security requires.
md5sum modsecurity-apache_2.1.1.tar.gzĪb74ed5f320ffc4ed9f56487bf17c670 modsecurity-apache_2.1.1.tar.gzįigure 2.2: Checking the integrity and authenticity of mod_security.Īs you can see the compressed tarball archive that contains mod_security source code shows that the integrity of the file is good and is tarball archive is authentic. This method of integrity checking is the simplest as it requires the use of the “md5sum” command followed by the filename as shown in Figure 1. The two methods that can be used are regenerating the MD5 checksum and comparing it to the one Breach Security Inc provide or using PGP (Pretty Good Privacy), we are going to use both methods. The first step to installing mod_security is to check the integrity and authenticity of the mod_security compressed tarball archive.
Mod_security can be downloaded from Breach Security Inc website as of writing this article the version of mod_security is 2.1.1. This is where mod_security steps in as it provides a layer of security which links into Apache providing rich features such as “event correlation, transaction scoring, anomaly detection, data persistence, a wealth of anti-evasion functions, regex back-references” (ModSecurity, 2007) for protecting Apache and eliminating possible security risks within insecure scripts. Apache is a possible gateway for malicious users to gather sensitive data and/or perform attacks against other hosts from your web server via an misconfiguration or a insecure web script (Perl, PHP, Python, etc). The Apache web server is the most popular web server on the Internet today holding a “52.65% market share for top servers across all domains August 1995 – July 2007” (Netcraft, 2007).
0 kommentar(er)
