開発メモ

開発用のメモです。

CVE-2014-0094 その2

install

wget https://www.modsecurity.org/tarball/2.8.0/modsecurity-2.8.0.tar.gz
tar -zxvf modsecurity-2.8.0.tar.gz
cd modsecurity-2.8.0/
./configure \
    --with-apxs=/usr/local/apache2/bin/apxs \
    --with-apr=/usr/local/apache2/bin/apr-1-config \
    --with-apu=/usr/local/apache2/bin/apu-1-config \
    --with-pcre=/usr/bin/pcre-config
make && make test && make installcd 

apache config

cd /usr/local/apache2/conf
cp -p httpd.conf httpd.conf.$(date -I)
vi httpd.conf

config

LoadModule security2_module modules/mod_security2.so
<Location "/">
    <IfModule security2_module>
        SecRuleEngine On
    </IfModule>
</Location>
Twitter: @asahina_alice