How to set up the ModSecurity module

How to set up the ModSecurity module#

After the ModSecurity package was installed, additional setup is required.

  1. Enable the installed module in your configuration with the load_module directive:

    load_module modules/;
  2. Use the modsecurity and modsecurity_rules_file directives in an appropriate context, such as server:

    server {
        modsecurity on;
        modsecurity_rules_file /etc/angie/modsecurity/rules.conf;
        # ...
  3. Copy the OWASP ModSecurity Core Rule Set (CRS) to /var/lib/angie/modsecurity/:

    $ cd /var/lib/angie/modsecurity/
    $ sudo git clone -b v4.1.0


    Find the latest release number here: coreruleset/coreruleset

  4. In the core rule set directory, copy the minimal necessary ModSecurity configuration examples:

    $ sudo cp coreruleset/crs-setup.conf.example coreruleset/crs-setup.conf
    $ sudo cp coreruleset/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example \
    $ sudo cp coreruleset/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example \
  5. Uncomment the following Include directives in /etc/angie/modsecurity/rules.conf:

    Include /var/lib/angie/modsecurity/coreruleset/crs-setup.conf
    Include /var/lib/angie/modsecurity/coreruleset/rules/*.conf
  6. Reload Angie configuration to apply the changes:

    $ sudo angie -t && sudo service angie reload