Installing
- SecurityInstalling the package
apt install libapache2-mod-security2
a2enmod security2
- Enabling recommended config file
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
- Checking the Engine mode (Leaving at DetectionOnly as we will have adaptive blocking)
grep SecRuleEngine /etc/modsecurity/modsecurity.conf
- Checking if we are scanning server responses
grep SecResponseBodyAccess /etc/modsecurity/modsecurity.conf
- Checking the module config
cat /etc/apache2/mods-enabled/security2.conf
systemctl restart apache2
systemctl status apache2
- At this point, no further config required
