ModSecurity RPMS

Intoduction

aum and ASL will automatically install and manage mod_security to ensure the correct version is installed for the version of rules on the system. modsecurity rules are version specific. modsecurity has a rule language that changes with new versions, where command syntax changes, new capabilities are added, old capabilities are retired, and new dependencies require changes in the rules, or changes in configuration. In some cases, these changes will mean that a feature no longer works as it did in previous versions at all, or the rule syntax changes may not be understood by older or even newer versions of modsecurity.

Using the correct version of modsecurity with the rules is critical. In some cases, changes way cause modsecurity to fail silently, such as recent changes in file upload stubs, that cause modsecurity 2.9.0 to no longer scan uploads if the system is not using additional configuration changes for 2.9.0.


Installation

Rules Only:

  • Install aum, and aum will install and upgrade ModSecurity for you. Do NOT use third party builds of ModSecurity with our rules.

ASL:

  • ASL will automatically install and upgrade ModSecurity. Do NOT install ModSecurity, or replace it with third party versions.

Current Versions Available by Platform

EL 5 - 2.7.7

  • It is not possible to build 2.9.0 RPMs on for EL 5 systems, ModSecurity uses functions that don’t exisit in Apache 2.2.3

  • If you need 2.9.0 for an EL 5 system, there are two options:

    1. Use ASL as a proxy in front of Apache 2.2.3
    2. Professional services. Because the version of apache, 2.2.3, on EL5 is too old to support 2.9.0, systems that wish to use 2.9.0 will need to have apache replaced with a newer version, including its support libraries. Please contact us if you would like a quote.

EL 6 - 2.9.0

EL 7 - 2.9.0