安装ModSecurity

opbsder

ModSecurity™ installation
    consists of the following steps:

ModSecurity™ 2.x works with
        Apache 2.0.x or better.

Make sure you have mod_unique_id installed.
mod_unique_id is packaged with Apache httpd.

Install the latest version of libxml2, if it isn't already
        installed on the server.
http://xmlsoft.org/downloads.html

Install the latest version of Lua in the 5.1.x branch, if it
        isn't already installed on the server.
http://www.lua.org/download.html

Stop Apache httpd

Unpack the ModSecurity™
        archive

Building differs for UNIX (or UNIX-like) operating systems and
        Windows.

UNIX

Run the configure script to generate a Makefile.
                Typically no options are needed.
./configure
Options are available for more customization (use
                ./configure --help for a full list), but
                typically you will only need to specify the location of the
                apxs command installed by Apache httpd with
                the --with-apxs option.
./configure
                --with-apxs=/path/to/httpd-2.x.y/bin/apxs

Compile with: make

Optionally test with: make
                test

Optionally build the ModSecurity™ Log Collector with:
                make mlogc

Optionally install mlogc: Review the
                INSTALL file included in the
                apache2/mlogc-src directory in the distribution.

Install the ModSecurity™ module with:
                make install

Windows (MS VC++ 8)

Edit Makefile.win to configure the
                Apache base and library paths.

Compile with: nmake -f
                Makefile.win

Install the ModSecurity™ module with:
                nmake -f Makefile.win install

Copy the libxml2.dll and
                lua5.1.dll to the Apache
                bin directory. Alternatively you can follow
                the step below for using LoadFile to load these
                libraries.

Edit the main Apache httpd config file (usually
        httpd.conf)
On UNIX (and Windows if you did not copy the DLLs as stated
        above) you must load libxml2 and lua5.1 before ModSecurity™ with something like this:
LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so
Load the ModSecurity™ module
        with:
LoadModule security2_module modules/mod_security2.so

Configure ModSecurity™

Start Apache httpd

You should now have ModSecurity™ 2.x up and running.
Note
If you have compiled Apache yourself you might experience problems
      compiling ModSecurity™ against PCRE.
      This is because Apache bundles PCRE but this library is also typically
      provided by the operating system. I would expect most (all)
      vendor-packaged Apache distributions to be configured to use an external
      PCRE library (so this should not be a problem).
You want to avoid Apache using the bundled PCRE library and
      ModSecurity™ linking against the one
      provided by the operating system. The easiest way to do this is to
      compile Apache against the PCRE library provided by the operating system
      (or you can compile it against the latest PCRE version you downloaded
      from the main PCRE distribution site). You can do this at configure time
      using the --with-pcre switch. If you
      are not in a position to recompile Apache, then, to compile ModSecurity™ successfully, you'd still need to
      have access to the bundled PCRE headers (they are available only in the
      Apache source code) and change the include path for ModSecurity™ (as you did in step 7 above) to
      point to them (via the --with-pcre ModSecurity™ configure option).
Do note that if your Apache is using an external PCRE library you
      can compile ModSecurity™ with
      WITH_PCRE_STUDY defined,which would
      possibly give you a slight performance edge in regular expression
      processing.
               
               
               

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/19843/showart_488368.html