M
All Guides

Установка ModSecurity WAF

Установите Web Application Firewall ModSecurity.

Advanced30 мин.

Setup Steps

1. Install ModSecurity for Apache:

sudo apt install libapache2-mod-security2 -y

2. Enable ModSecurity:

sudo a2enmod security2

3. Create configuration file:

sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

4. Switch from detection to blocking mode:

sudo nano /etc/modsecurity/modsecurity.conf
# SecRuleEngine DetectionOnly
SecRuleEngine On

5. Install OWASP Core Rule Set (CRS):

sudo apt install modsecurity-crs -y

6. Enable CRS:

sudo cp /usr/share/modsecurity-crs/crs-setup.conf.example /usr/share/modsecurity-crs/crs-setup.conf

7. Restart Apache:

sudo systemctl restart apache2

8. Check logs:

sudo tail -f /var/log/apache2/modsec_audit.log

9. Disable a rule for false positives:

SecRuleRemoveById 920350

10. For Nginx use libmodsecurity3:

sudo apt install libmodsecurity3 -y

Related Guides

Настройка UFW Firewall

Защитите сервер с помощью Ubuntu UFW.

Установка Fail2Ban

Защитите сервер от brute-force атак.

Настройка VPN (WireGuard)

Настройте WireGuard VPN-сервер.

Автоматическое обновление SSL Certbot

Настройте автоматическое обновление SSL-сертификатов.