Mod Security for Apache – Web Server Smart Firewall

Mod security has features that go above and beyond a standard firewall. It will help to prevent denial of service attacks, and also can be used to block traffic based on realtime blackhole lists issued by Spamhaus and others. Mod security is apparently in the Debian repositories as well as Ubuntu. In the Ubuntu repos you will have to enable the third party applications and update the aptitude databases. Then install:

sudo apt-get install libapache2-mod-security

Then enable the module:

sudo a2enmod security

By default there is a configuration file installed. The default configuration will provide you a basic starting point for the various security options available by the module. Please refer to the document for more information about what can be done. This blog shows how to use mod security to hit realtime blackhole lists to block nasty offenders of various natures.

One thought on “Mod Security for Apache – Web Server Smart Firewall”

  1. Hello there! I could have sworn I’ve been to this site before but after checking through some of the post I realized it’s new to
    me. Nonetheless, I’m definitely delighted I found it and I’ll be bookmarking and
    checking back often!

Leave a Reply