ModSecurity
提供:MDWiki
目次 |
ModSecurity関連サイト
- ModSecurity公式
- 「mod_securityでWebサーバを守る」(株式会社ソフテック)
- 「ModSecurity(mod_security) の Core Rule Set(CRS)を読み解く」(kaito834さん)
ソース
インストール条件
- Apache 2.x+
- mod_uniqueid
- libapr and libapr-util
- libpcre
- libxml2
- liblua v5.1.x (Luaを使う場合。これはオプション)
- libcurl v7.15.1 or higher
もちろん、Ports だけを使うなら make depends して make, make install clean すれば殆ど自動でやってくれるが、Ports には最新版が入っていないこともある(FreeBSD 8.2 release については、2011年現在で 2.6.2 が最新版だが Ports には 2.5.13 が入っている)。
インストール環境の準備
Apache
これは既にインストールされていて、mod_uniqueid もロードされているものとする。
libapr and libapr-util
ここからダウンロード して、適当なところで tar -zxvf で解凍。中に README があるので読む。これらについては、オンラインにインストール手順を説明するリソースは(英語ですら)ないと言ってよいので、ウェブページに頼らないこと。配布ソースの中の README がいちばん確実である(はず)。
libapr は /usr/local/etc/libapr を prefix で選択したものとする。
# fetch http://www.meisei-u.ac.jp/mirror/apache/dist//apr/apr-1.4.2.tar.gz
apr-1.4.2.tar.gz 100% of 927 kB 1367 kBps
bsd# tar -zxvf apr-1.4.2.tar.gz
x apr-1.4.2/
x apr-1.4.2/CHANGES
[...]
# ./configure --prefix=/usr/local/etc/libapr
checking build system type... i386-unknown-freebsd7.2
checking host system type... i386-unknown-freebsd7.2
checking target system type... i386-unknown-freebsd7.2
Configuring APR library
Platform: i386-unknown-freebsd7.2
[...]
# make
nawk -f /usr/home/philsci/src/apr-1.4.2/build/make_exports.awk /usr/home/philsci/src/apr-1.4.2/include/apr_allocator.h /usr/home/philsci/src/apr-1.4.2/include/apr_signal.h /usr/home/philsci/src/apr-1.4.2/include/apr_version.h /usr/home/philsci/src/apr-1.4.2/include/apr_tables.h /usr/home/philsci/src/apr-1.4.2/include/apr_dso.h /usr/home/philsci/src/apr-1.4.2/include/apr_general.h /usr/home/philsci/src/apr-1.4.2/include/apr_global_mutex.h /usr/home/philsci/src/apr-1.4.2/include/apr_thread_rwlock.h /usr/home/philsci/src/apr-1.4.2/include/apr_pools.h /usr/home/philsci/src/apr-1.4.2/include/apr_lib.h /usr/home/philsci/src/apr-1.4.2/include/apr_thread_proc.h /usr/home/philsci/src/apr-1.4.2/include/apr_random.h /usr/home/philsci/src/apr-1.4.2/include/apr_errno.h /usr/home/philsci/src/apr-1.4.2/include/apr_atomic.h /usr/home/philsci/src/apr-1.4.2/include/apr_thread_mutex.h /usr/home/philsci/src/apr-1.4.2/include/apr_strings.h /usr/home/philsci/src/apr-1.4.2/include/apr_mmap.h /usr/home/philsci/src/apr-1.4.2/include/apr_shm.h /usr/home/philsci/src/apr-1.4.2/include/apr_file_io.h /usr/home/philsci/src/apr-1.4.2/include/apr_inherit.h /usr/home/philsci/src/apr-1.4.2/include/apr_time.h /usr/home/philsci/src/apr-1.4.2/include/apr_network_io.h /usr/home/philsci/src/apr-1.4.2/include/apr_file_info.h /usr/home/philsci/src/apr-1.4.2/include/apr_getopt.h /usr/home/philsci/src/apr-1.4.2/include/apr_user.h /usr/home/philsci/src/apr-1.4.2/include/apr_env.h /usr/home/philsci/src/apr-1.4.2/include/apr_ring.h /usr/home/philsci/src/apr-1.4.2/include/apr_portable.h /usr/home/philsci/src/apr-1.4.2/include/apr_proc_mutex.h /usr/home/philsci/src/apr-1.4.2/include/apr_support.h /usr/home/philsci/src/apr-1.4.2/include/apr_thread_cond.h /usr/home/philsci/src/apr-1.4.2/include/apr_fnmatch.h /usr/home/philsci/src/apr-1.4.2/include/apr_hash.h /usr/home/philsci/src/apr-1.4.2/include/apr_want.h /usr/home/philsci/src/apr-1.4.2/include/apr_poll.h > exports.c
[...]
# make install
/usr/home/philsci/src/apr-1.4.2/build/mkdir.sh /usr/local/etc/libapr/lib /usr/local/etc/libapr/bin /usr/local/etc/libapr/build-1 /usr/local/etc/libapr/lib/pkgconfig /usr/local/etc/libapr/include/apr-1
mkdir /usr/local/etc/libapr
mkdir /usr/local/etc/libapr/lib
mkdir /usr/local/etc/libapr/bin
mkdir /usr/local/etc/libapr/build-1
mkdir /usr/local/etc/libapr/lib/pkgconfig
mkdir /usr/local/etc/libapr/include
mkdir /usr/local/etc/libapr/include/apr-1
/usr/bin/install -c -m 644 /usr/home/philsci/src/apr-1.4.2/include/apr.h /usr/local/etc/libapr/include/apr-1
for f in /usr/home/philsci/src/apr-1.4.2/include/apr_*.h; do /usr/bin/install -c -m 644 ${f} /usr/local/etc/libapr/include/apr-1; done
/bin/sh /usr/home/philsci/src/apr-1.4.2/libtool --mode=install /usr/bin/install -c -m 755 libapr-1.la /usr/local/etc/libapr/lib
libtool: install: /usr/bin/install -c -m 755 .libs/libapr-1.so.4 /usr/local/etc/libapr/lib/libapr-1.so.4
libtool: install: (cd /usr/local/etc/libapr/lib && { ln -s -f libapr-1.so.4 libapr-1.so || { rm -f libapr-1.so && ln -s libapr-1.so.4 libapr-1.so; }; })
libtool: install: (cd /usr/local/etc/libapr/lib && { ln -s -f libapr-1.so.4 libapr-1.so || { rm -f libapr-1.so && ln -s libapr-1.so.4 libapr-1.so; }; })
libtool: install: /usr/bin/install -c -m 755 .libs/libapr-1.lai /usr/local/etc/libapr/lib/libapr-1.la
libtool: install: /usr/bin/install -c -m 755 .libs/libapr-1.a /usr/local/etc/libapr/lib/libapr-1.a
libtool: install: chmod 644 /usr/local/etc/libapr/lib/libapr-1.a
libtool: install: ranlib /usr/local/etc/libapr/lib/libapr-1.a
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/etc/libapr/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
/usr/bin/install -c -m 644 apr.exp /usr/local/etc/libapr/lib/apr.exp
/usr/bin/install -c -m 644 apr.pc /usr/local/etc/libapr/lib/pkgconfig/apr-1.pc
for f in libtool shlibtool; do if test -f ${f}; then /usr/bin/install -c -m 755 ${f} /usr/local/etc/libapr/build-1; fi; done
/usr/bin/install -c -m 755 /usr/home/philsci/src/apr-1.4.2/build/mkdir.sh /usr/local/etc/libapr/build-1
for f in make_exports.awk make_var_export.awk; do /usr/bin/install -c -m 644 /usr/home/philsci/src/apr-1.4.2/build/${f} /usr/local/etc/libapr/build-1; done
/usr/bin/install -c -m 644 build/apr_rules.out /usr/local/etc/libapr/build-1/apr_rules.mk
/usr/bin/install -c -m 755 apr-config.out /usr/local/etc/libapr/bin/apr-1-config
libapr-util も上記に準じる。
# fetch http://ftp.riken.jp/net/apache//apr/apr-util-1.3.10.tar.gz
apr-util-1.3.10.tar.gz 100% of 750 kB 1769 kBps
# tar -zxvf apr-util-1.3.10.tar.gz
x apr-util-1.3.10/
x apr-util-1.3.10/CHANGES
[...]
# ./configure --with-apr=/usr/local/etc/libapr
checking build system type... i386-unknown-freebsd7.2
checking host system type... i386-unknown-freebsd7.2
checking target system type... i386-unknown-freebsd7.2
checking for a BSD-compatible install... /usr/bin/install -c
checking for working mkdir -p... yes
[...]
# make
/bin/sh /usr/local/etc/libapr/build-1/libtool --silent --mode=compile gcc -g -O2 -DHAVE_CONFIG_H -I/usr/home/philsci/src/apr-util-1.3.10/include -I/usr/home/philsci/src/apr-util-1.3.10/include/private -I/usr/local/etc/libapr/include/apr-1 -I/usr/local/include -o buckets/apr_buckets_heap.lo -c buckets/apr_buckets_heap.c && touch buckets/apr_buckets_heap.lo
[...]
# make install
/usr/local/etc/libapr/build-1/mkdir.sh /usr/local/apr/include/apr-1 /usr/local/apr/lib/pkgconfig /usr/local/apr/lib /usr/local/apr/bin
mkdir /usr/local/apr
mkdir /usr/local/apr/include
mkdir /usr/local/apr/include/apr-1
mkdir /usr/local/apr/lib
mkdir /usr/local/apr/lib/pkgconfig
mkdir /usr/local/apr/bin
for f in /usr/home/philsci/src/apr-util-1.3.10/include/*.h /usr/home/philsci/src/apr-util-1.3.10/include/*.h; do /usr/bin/install -c -m 644 ${f} /usr/local/apr/include/apr-1; done
/usr/bin/install -c -m 644 apr-util.pc /usr/local/apr/lib/pkgconfig/apr-util-1.pc
list=''; for i in $list; do ( cd $i ; make DESTDIR= install ); done
/bin/sh /usr/local/etc/libapr/build-1/libtool --mode=install /usr/bin/install -c -m 755 libaprutil-1.la /usr/local/apr/lib
libtool: install: /usr/bin/install -c -m 755 .libs/libaprutil-1.so.3 /usr/local/apr/lib/libaprutil-1.so.3
libtool: install: (cd /usr/local/apr/lib && { ln -s -f libaprutil-1.so.3 libaprutil-1.so || { rm -f libaprutil-1.so && ln -s libaprutil-1.so.3 libaprutil-1.so; }; })
libtool: install: (cd /usr/local/apr/lib && { ln -s -f libaprutil-1.so.3 libaprutil-1.so || { rm -f libaprutil-1.so && ln -s libaprutil-1.so.3 libaprutil-1.so; }; })
libtool: install: /usr/bin/install -c -m 755 .libs/libaprutil-1.lai /usr/local/apr/lib/libaprutil-1.la
libtool: install: /usr/bin/install -c -m 755 .libs/libaprutil-1.a /usr/local/apr/lib/libaprutil-1.a
libtool: install: chmod 644 /usr/local/apr/lib/libaprutil-1.a
libtool: install: ranlib /usr/local/apr/lib/libaprutil-1.a
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/apr/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
/usr/bin/install -c -m 644 aprutil.exp /usr/local/apr/lib
/usr/bin/install -c -m 755 apu-config.out /usr/local/apr/bin/apu-1-config
libpcre
ここから8.12をダウンロード。
# fetch ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.12.tar.gz
pcre-8.12.tar.gz 100% of 1285 kB 142 kBps
# tar -zxvf pcre-8.12.tar.gz
[...]
# cd pcre-8.12
# ./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
[...]
pcre-8.12 configuration summary:
Install prefix .................. : /usr/local
C preprocessor .................. : gcc -E
C compiler ...................... : gcc
C++ preprocessor ................ : g++ -E
C++ compiler .................... : g++
Linker .......................... : /usr/bin/ld
C preprocessor flags ............ :
C compiler flags ................ : -O2
C++ compiler flags .............. : -O2
Linker flags .................... :
Extra libraries ................. :
Build C++ library ............... : yes
Enable UTF-8 support ............ : no
Unicode properties .............. : no
Newline char/sequence ........... : lf
\R matches only ANYCRLF ......... : no
EBCDIC coding ................... : no
Rebuild char tables ............. : no
Use stack recursion ............. : yes
POSIX mem threshold ............. : 10
Internal link size .............. : 2
Match limit ..................... : 10000000
Match limit recursion ........... : MATCH_LIMIT
Build shared libs ............... : yes
Build static libs ............... : yes
Link pcregrep with libz ......... : no
Link pcregrep with libbz2 ....... : no
Link pcretest with libreadline .. : no
#make
make all-am
/usr/local/bin/bash ./libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -O2 -MT pcre_compile.lo -MD -MP -MF .deps/pcre_compile.Tpo -c -o pcre_compile.lo pcre_compile.c
libtool: compile: gcc -DHAVE_CONFIG_H -I. -O2 -MT pcre_compile.lo -MD -MP -MF .deps/pcre_compile.Tpo -c pcre_compile.c -fPIC -DPIC -o .libs/pcre_compile.o
[...]
# make install
test -z "/usr/local/lib" || ./install-sh -c -d "/usr/local/lib"
/usr/local/bin/bash ./libtool --mode=install /usr/bin/install -c libpcre.la libpcreposix.la libpcrecpp.la '/usr/local/lib'
[...]
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
[...]
#
libxml2
ダウンロードページからダウンロード。
# fetch ftp://xmlsoft.org/libxml2/libxml2-2.7.8.tar.gz
libxml2-2.7.8.tar.gz 100% of 4767 kB 87 kBps 00m00s
# tar -zxvf libxml2-2.7.8.tar.gz
x libxml2-2.7.8/
x libxml2-2.7.8/nanoftp.c
[...]
# ./configure
checking build system type... i386-unknown-freebsd7.2
checking host system type... i386-unknown-freebsd7.2
checking for a BSD-compatible install... /usr/bin/install -c
# make
make all-recursive
Making all in include
Making all in libxml
Making all in .
/usr/local/bin/bash ./libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I./include -I./include -D_REENTRANT -g -O2 -pedantic -W -Wformat -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls -MT SAX.lo -MD -MP -MF .deps/SAX.Tpo -c -o SAX.lo SAX.c
[...]
# make install
Making install in include
Making install in libxml
[...]
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
[...]
libcurl
Downloadページからソースをもらう。
# fetch http://curl.haxx.se/download/curl-7.21.5.tar.gz
curl-7.21.5.tar.gz 100% of 2816 kB 320 kBps
# tar -zxvf curl-7.21.5.tar.gz
x curl-7.21.5/
x curl-7.21.5/config.guess
[...]
# cd curl-7.21.5
# ./configure
checking whether to enable maintainer-specific portions of Makefiles... no
checking whether to enable debug build options... no
[...]
configure: Configured to build curl/libcurl:
curl version: 7.21.5
Host setup: i386-unknown-freebsd7.2
Install prefix: /usr/local
Compiler: gcc
SSL support: enabled (OpenSSL)
SSH support: no (--with-libssh2)
zlib support: enabled
krb4 support: no (--with-krb4*)
GSSAPI support: no (--with-gssapi)
SPNEGO support: no (--with-spnego)
TLS-SRP support: no (--enable-tls-srp)
resolver: default (--enable-ares / --enable-threaded-resolver)
ipv6 support: enabled
IDN support: no (--with-libidn)
Build libcurl: Shared=yes, Static=yes
Built-in manual: enabled
Verbose errors: enabled (--disable-verbose)
SSPI support: no (--enable-sspi)
ca cert bundle: /etc/ssl/cert.pem
ca cert path: no
LDAP support: no (--enable-ldap / --with-ldap-lib / --with-lber-lib)
LDAPS support: no (--enable-ldaps)
RTSP support: enabled
RTMP support: no (--with-librtmp)
Protocols: DICT FILE FTP FTPS GOPHER HTTP HTTPS IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP
# make
Making all in lib
make all-am
if /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I../include/curl -I../include -I../include -I../lib -I../lib -g0 -O2 -Wno-system-headers -g0 -O2 -Wno-system-headers -MT libcurl_la-file.lo -MD -MP -MF ".deps/libcurl_la-file.Tpo" -c -o libcurl_la-file.lo `test -f 'file.c' || echo './'`file.c; then mv -f ".deps/libcurl_la-file.Tpo" ".deps/libcurl_la-file.Plo"; else rm -f ".deps/libcurl_la-file.Tpo"; exit 1; fi
libtool: compile: gcc -DHAVE_CONFIG_H -I../include/curl -I../include -I../include -I../lib -I../lib -g0 -O2 -Wno-system-headers -g0 -O2 -Wno-system-headers -MT libcurl_la-file.lo -MD -MP -MF .deps/libcurl_la-file.Tpo -c file.c -fPIC -DPIC -o .libs/libcurl_la-file.o
[...]
# make install
Making install in lib
test -z "/usr/local/lib" || /bin/sh ../mkinstalldirs "/usr/local/lib"
/bin/sh ../libtool --mode=install /usr/bin/install -c 'libcurl.la' '/usr/local/lib/libcurl.la'
libtool: install: /usr/bin/install -c .libs/libcurl.so.6 /usr/local/lib/libcurl.so.6
libtool: install: (cd /usr/local/lib && { ln -s -f libcurl.so.6 libcurl.so || { rm -f libcurl.so && ln -s libcurl.so.6 libcurl.so; }; })
libtool: install: (cd /usr/local/lib && { ln -s -f libcurl.so.6 libcurl.so || { rm -f libcurl.so && ln -s libcurl.so.6 libcurl.so; }; })
libtool: install: /usr/bin/install -c .libs/libcurl.lai /usr/local/lib/libcurl.la
libtool: install: /usr/bin/install -c .libs/libcurl.a /usr/local/lib/libcurl.a
libtool: install: chmod 644 /usr/local/lib/libcurl.a
libtool: install: ranlib /usr/local/lib/libcurl.a
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
Making install in src
[...]
ModSecurity本体
Downloadページから、stable release をダウンロードする。インストール時は、httpd を停止させなければならないことに注意。
# httpd -k stop
# fetch http://www.modsecurity.org/download/modsecurity-apache_2.5.13.tar.gz
modsecurity-apache_2.5.13.tar.gz 100% of 1387 kB 387 kBps
# tar -zxvf modsecurity-apache_2.5.13.tar.gz
x modsecurity-apache_2.5.13/
# cd modsecurity-apache_2.5.13/apache2
# ./configure
checking for gawk... no
checking for mawk... no
[...]
# make
/usr/local/build-1/libtool --silent --mode=compile cc -prefer-pic -O2 -fno-strict-aliasing -pipe -I/usr/include -I/usr/local/include -I/usr/local/include/apache22 -I/usr/local/include/apr-1 -I/usr/local/include/apr-1 -I/usr/local/include -O2 -g -Wall -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -I/usr/local/include/apache22 -I/usr/local/include/apache22 -I. -I/usr/ports/www/apache22/work/httpd-2.2.11/srclib/apr/include -I/usr/ports/www/apache22/work/httpd-2.2.11/srclib/apr-util/include -I/usr/local/include -I/usr/include -I/usr/local/include -I/usr/local/include/libxml2 -c -o mod_security2.lo mod_security2.c && touch mod_security2.slo
[...]
# make install
build/apxs-wrapper -i mod_security2.la
/usr/local/share/apache22/build/instdso.sh SH_LIBTOOL='/usr/local/build-1/libtool' mod_security2.la /usr/local/libexec/apache22
/usr/local/build-1/libtool --mode=install cp mod_security2.la /usr/local/libexec/apache22/
cp .libs/mod_security2.so /usr/local/libexec/apache22/mod_security2.so
cp .libs/mod_security2.lai /usr/local/libexec/apache22/mod_security2.la
cp .libs/mod_security2.a /usr/local/libexec/apache22/mod_security2.a
chmod 644 /usr/local/libexec/apache22/mod_security2.a
ranlib /usr/local/libexec/apache22/mod_security2.a
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/libexec/apache22
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/local/libexec/apache22/mod_security2.so
/usr/local/etc/apache22/httpd.conf を編集してロードする。
# for ModSecurity LoadFile /usr/local/lib/libxml2.so LoadModule security2_module /usr/local/libexec/apache22/mod_security2.so
httpd を起動する。
# httpd -k start #
リンク
- セキュリティ関連ツール のトップページへ
- security sub Wiki のトップページへ
