How to enable mod security via ssh

Hi all
I can login to my server via ssh (using putty). I have to turn on mod security. How can I do this please? Thank you this is the first time I have to do this

Could you provide more info on your server?
Otherwise it’s not possible to be helpful here.

Sure it is an apache server

If you login via ssh, you will be able to edit the apache configs using a program like nano or vi.

If you look in either, /etc/apache, /etc/apache2 or /etc/httpd or a variation of those, you will find the configs you need.

httpd.conf / apache2.conf etc will contain a block of modules that are loaded, mod_security may already be in there, or, as some Linux distributions do, they create little confs for each module. so you may find a “conf.d” folder which contain more sub configs - again, there may be one for mod_security there.

Welcome, TimIgoe, to Apache! I’m sure you can keep me straight with the nitty-gritty of dealing with the server!

Tim’s advice here is 'nix-centric where I am weakest (my test server is hosted on my Win7 box) but I can add a few things to his post regarding the server’s conf file:

  1. In the modules block, be sure to remove the ; at the start of the line for mod_security as the ; makes the line a comment (and does not enable the module).

  2. If you need to enable one of the “little confs”, be sure to remove the ; from the include statement in the server conf file.

  3. ANY change to the server conf file will REQUIRE a restart before they’re effective. On my WinDoze box, I use the Apache Monitor tool but it’s easier on a 'nix box - IF you can remember the code (sorry, I can’t 'cause I don’t ever use it - I host on a 'nix box but use WHM and Virtuosso tools).



/etc/init.d/httpd restart
/etc/init.d/apache2 restart

Or graceful instead of restart that reloads the new config but doesn’t interrupt the working of the server (it doesn’t stop and start but just keeps running, while loading the changed config). Very handy in production environments! :slight_smile:

Though I must admit I’m not 100% sure this works when enabling/disabling modules.

Thank you TimIgoe and all for the replies. In the end my dev worked it out but talk about a painful process a week to change this. I’m going to have to learn this myself!