How to Install Apache with ModSecurity on Ubuntu 22.04

ModSecurity is a free and open-source firewall tool supported by various web servers, such as Apache, Nginx, and IIS. It is a signature-based firewall that is capable to block several types of attacks including, cross-site scripting (XSS), brute force attacks, and known code injection attacks. It provides different rule sets that allow you to customize and configure your server security. It can also monitor web traffic in real time and help you detect and respond to intrusions.

In this video, you will see how to set up ModSecurity with Apache on Ubuntu 22.04.

Useful Links
VPS/VDS – https://www.mivocloud.com/

Commands Used
apt install gnupg2 software-properties-common curl wget git unzip -y
add-apt-repository ppa:ondrej/apache2 -y
apt update -y
apt install apache2 -y
apt install libapache2-mod-security2 -y
a2enmod security2
systemctl restart apache2
systemctl status apache2
nano /etc/apache2/mods-enabled/security2.conf
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
nano /etc/modsecurity/modsecurity.conf
systemctl restart apache2
wget https://github.com/coreruleset/coreruleset/archive/v3.3.0.tar.gz
tar xvf v3.3.0.tar.gz
mkdir /etc/apache2/modsecurity-crs/
mv coreruleset-3.3.0/ /etc/apache2/modsecurity-crs
cd /etc/apache2/modsecurity-crs/coreruleset-3.3.0/
mv crs-setup.conf.example crs-setup.conf
nano /etc/apache2/mods-enabled/security2.conf

IncludeOptional /etc/apache2/modsecurity-crs/coreruleset-3.3.0/crs-setup.conf
IncludeOptional /etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/*.conf

apache2ctl -t
curl http://localhost/index.html?exec=/bin/bash
tail /var/log/apache2/modsec_audit.log