{"id":63002,"date":"2020-11-04T13:27:51","date_gmt":"2020-11-04T18:27:51","guid":{"rendered":"https:\/\/www.inmotionhosting.com\/support\/?p=63002"},"modified":"2024-03-21T17:16:57","modified_gmt":"2024-03-21T21:16:57","slug":"install-modsecurity-apache-module","status":"publish","type":"post","link":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/","title":{"rendered":"How to Install the ModSecurity Apache Module"},"content":{"rendered":"<p>The <a rel=\"noreferrer noopener\" href=\"https:\/\/httpd.apache.org\/\" target=\"_blank\">Apache web server software<\/a> can be customized to suit your needs with many third party modules. One of the most popular Apache security modules is <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/what-is-modsecurity-and-why-is-it-important\/\">ModSecurity<\/a>. It operates as a signature-based firewall, capable of blocking cross-site scripting (XSS), brute force attacks, and known code injection attacks for dynamic websites that depend on SQL and PHP. Some even use ModSecurity for <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/pci-compliance\/\">PCI compliance<\/a>.<\/p>\n\n\n\n<p>Instead of siphoning sensitive data, attempted cyber attackers will be blocked by ModSecurity with a <a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/error-numbers\/403-forbidden-error\/\">403 error<\/a>.<\/p>\n\n\n\n<p>ModSecurity can process events as a host-based intrusion detection system (HIDS) or intrusion prevention system (IPS) application depending on how you configure it.<\/p>\n\n\n\n<p>ModSecurity is pre-configured on our cPanel server hosting so you don\u2019t need to when <a href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/vps-hosting\/ways-to-harden-your-vps-hosting\/\">securing your dedicated server or VPS<\/a>. Many cPanel administrators rarely modify ModSecurity unless they need to <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/cpanel\/how-to-disable-modsecurity-cpanel\/\">temporarily disable it<\/a> for a system administration task. Meanwhile, non-cPanel servers may not include ModSecurity, especially if you have to <a href=\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/how-to-install-apache-on-centos-7\/\">install Apache manually on CentOS<\/a> or <a href=\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/how-to-install-apache-on-ubuntu\/\">Debian\/Ubuntu<\/a>. This provides flexibility with how you <a href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/cloud-server\/secure-cloud-server-hosting\/\">secure your cloud server<\/a>.<\/p>\n\n\n\n<p class=\"alert alert-info\">Although not covered in this article, ModSecurity is also natively available for <a href=\"https:\/\/www.inmotionhosting.com\/support\/server\/nginx\/what-is-nginx\/\">NGINX web server<\/a>.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/server\/ssh\/how-to-login-ssh\/\">SSH into your server<\/a>. Then we\u2019ll cover:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"#install\">Installing ModSecurity<\/a>\n<ul class=\"wp-block-list\">\n<li><a href=\"#centos\">CentOS<\/a><\/li>\n\n\n\n<li><a href=\"#debian\">Debian<\/a><\/li>\n\n\n\n<li><a href=\"#ubuntu\">Ubuntu<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"#config\">Configuring ModSecurity<\/a><\/li>\n\n\n\n<li><a href=\"#owasp\">OWASP Core Rule Set (CRS) for ModSecurity<\/a><\/li>\n\n\n\n<li><a href=\"#test\">Test ModSecurity Configuration<\/a><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"install\">Installing ModSecurity<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"centos\">CentOS<\/h3>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>Update software repositories:<pre>sudo yum update -y<\/pre><\/li>\n\n\n\n<li>Download and install the ModSecurity Apache module: <pre>sudo yum install mod_security <\/pre><\/li>\n\n\n\n<li>Type <kbd>y<\/kbd>.<\/li>\n\n\n\n<li>Restart the Apache service: <pre>sudo systemctl restart httpd<\/pre><\/li>\n\n\n\n<li>Ensure the installed software version is at least 2.9: <pre>yum info mod_security<\/pre><\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"debian\">Debian<\/h3>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>Update software repos:<pre>sudo apt update -y<\/pre><\/li>\n\n\n\n<li>Download and install the ModSecurity Apache module:<pre>sudo apt install libapache2-mod-security2<\/pre><\/li>\n\n\n\n<li>Type <kbd>Y<\/kbd>.<\/li>\n\n\n\n<li>Restart the Apache service:<pre>sudo systemctl restart apache2 <\/pre><\/li>\n\n\n\n<li>Ensure the installed software version is at least 2.9: <pre>apt-cache show libapache2-mod-security2 | grep -E '(Version|Package)<\/pre> <p class=\"alert alert-info\">This command will grep for 2 things at once<\/p><\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"ubuntu\">Ubuntu<\/h3>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>Update software repos:<pre>sudo apt update -y<\/pre><\/li>\n\n\n\n<li>Download and install the ModSecurity Apache module:<pre>sudo apt install libapache2-mod-security2<\/pre><\/li>\n\n\n\n<li>Type <kbd>Y<\/kbd>.<\/li>\n\n\n\n<li>Restart the Apache service:<pre>sudo systemctl restart apache2 <\/pre><\/li>\n\n\n\n<li>Ensure the installed software version is at least 2.9: <pre>apt-cache show libapache2-mod-security2 <\/pre><\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"config\">Configure ModSecurity<\/h2>\n\n\n\n<p>ModSecurity is set to detect and log suspicious events only by default. Below we\u2019ll configure it to detect and block suspicious activity.<\/p>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>Copy the default ModSecurity configuration file to a new file:<pre>sudo cp \/etc\/modsecurity\/modsecurity.conf-recommended \/etc\/modsecurity\/modsecurity.conf<\/pre><\/li>\n\n\n\n<li>Edit the ModSecurity configuration file with Vi, <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/emacs\/choosing-emacs-vs-vim\/\">Vim, Emacs<\/a>, or <a href=\"https:\/\/www.inmotionhosting.com\/support\/server\/ssh\/how-to-edit-files-using-nano\/\">Nano<\/a>.<pre>sudo nano \/etc\/modsecurity\/modsecurity.conf<\/pre><\/li>\n\n\n\n<li>Near the top of the file, you\u2019ll see <code>SecRuleEngine DetectionOnly<\/code>. Change <code>DetectionOnly<\/code> to <code>On<\/code>.<\/li>\n\n\n\n<li>Save changes.<\/li>\n\n\n\n<li>Restart Apache:<pre>systemctl restart apache2 <\/pre><\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"owasp\">Download OWASP Core Rule Set<\/h2>\n\n\n\n<p>To ensure you have the latest ModSecurity rules, you can download the latest ModSecurity Core Rule Set (CRS) from Open Web Application Security Project (OWASP) at <a rel=\"noreferrer noopener\" href=\"https:\/\/coreruleset.org\/\" target=\"_blank\">CoreRuleSet.org<\/a>.<\/p>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>While logged into your server, download the latest CRS from <a rel=\"noreferrer noopener\" href=\"https:\/\/coreruleset.org\/installation\/\" target=\"_blank\">CoreRuleSet.org\/installation<\/a>, replacing the GitHub URL as needed:<pre>wget https:\/\/github.com\/coreruleset\/coreruleset\/archive\/v3.3.0.zip<\/pre><\/li>\n\n\n\n<li>Verify the checksum (<a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/create-checksum-locally\/\">Windows, MacOS<\/a>, <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/verify-checksums-ssh\/\">*nix<\/a>) of your downloaded file against the provided message digest, replacing \u201cvFileName\u201d with the actual file name (e.g. v3.3.0.zip). For example:<br>Windows:<pre>certutil -hashfile vFileName.zip sha1; echo ProvidedChecksum<\/pre><br>Mac:<pre>shasum vFileName.zip &amp;&amp; echo ProvidedChecksum<\/pre><br>*nix: <pre>sha1sum vFileName.zip &amp;&amp; echo ProvidedChecksum <\/pre><\/li>\n\n\n\n<li>If the checksums differ, <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/reasons-your-checksum-doesnt-match-the-original\/\">troubleshoot why the checksums don\u2019t match<\/a> before continuing to ensure you don\u2019t execute a corrupted or malicious file.<\/li>\n\n\n\n<li>Unzip the file:<pre>unzip FileName.zip<\/pre><\/li>\n\n\n\n<li>Move the CRS setup file from the new directory into your ModSecurity directory: <pre>mv coreruleset-3.3.0\/crs-setup.conf.example \/etc\/modsecurity\/crs-setup.conf<\/pre><\/li>\n\n\n\n<li>(Optional but recommended) Move the rules directory from the new directory to your ModSecurity directory:<pre>mv coreruleset-3.3.0\/rules\/ \/etc\/modsecurity\/<\/pre><\/li>\n\n\n\n<li>Edit your Apache security2.conf file to ensure it\u2019ll load ModSecurity rules: <pre>nano \/etc\/apache2\/mods-enabled\/security2.conf<\/pre><\/li>\n\n\n\n<li>Ensure both the default ModSecurity and new CRS configuration files are listed. The first line conf file path may already be included. The second file path should be wherever you moved the \/rules directory.<br><pre>IncludeOptional \/etc\/modsecurity\/*.conf<br>Include \/etc\/modsecurity\/rules\/*.conf<\/pre><\/li>\n\n\n\n<li>Restart Apache:<pre>systemctl restart apache2<\/pre><\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"restart\">Can\u2019t Restart Apache<\/h3>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>If Apache fails to restart, check the status for error information:<pre>systemctl status apache <\/pre><\/li>\n\n\n\n<li>For this example, I received the error: <code>AH00526: Syntax error on line 845 of \/etc\/modsecurity\/crs\/crs-setup.conf<\/code>. To resolve this error, edit the Apache security configuration file again:<pre>\/etc\/apahc2\/mods-enabled\/security2.conf<\/pre><\/li>\n\n\n\n<li>Comment out this file path by adding a <code>#<\/code> in the beginning of the line: <code># IncludeOptional \/usr\/share\/modsecurity-crs\/owasp-crs.load<\/code>.<\/li>\n\n\n\n<li>Save changes.<\/li>\n\n\n\n<li>Apache should now restart successful:<pre>systemctl restart apache2<\/pre><\/li>\n<\/ol>\n\n\n\n<p class=\"alert alert-info\">If you continue to have issues, <a href=\"https:\/\/www.inmotionhosting.com\/support\/amp\/how-to-get-great-technical-support\/\">contact Live Support directly<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"test\">Test ModSecurity Configuration<\/h2>\n\n\n\n<p>Afterwards, you should test your ModSecurity setup to ensure it blocks suspicious network traffic. Below we\u2019ll create a test blocking rule and check if we receive a 403 error and a ModSecurity log entry.<\/p>\n\n\n\n<ol class=\"article_list wp-block-list\">\n<li>Edit your default Apache configuration file:<pre>sudo nano \/etc\/apache2\/sites-available\/000-default.conf<\/pre><\/li>\n\n\n\n<li>At the bottom of the file, above <code>&lt;\/VirtualHost&gt;<\/code>, add the following custom ModSecurity rule:<pre>SecRuleEngine On<br>SecRule ARGS:testparam \"@contains test\" \"id:999,deny,status:403,msg:'Test Successful'\"<\/pre> Change the <code>id<\/code> number and message (<code>msg<\/code>) as desired.<\/li>\n\n\n\n<li>Save changes.<\/li>\n\n\n\n<li>Restart Apache:<pre>systemctl restart apache2<\/pre><\/li>\n\n\n\n<li>In your browser, attempt to access a URL on that server with <code>?testparam=test<\/code> on the end (e.g. domain.com\/?testparam=test.<\/li>\n\n\n\n<li>You should receive a <a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/error-numbers\/403-forbidden-error\/\">403 Forbidden error<\/a>.<\/li>\n\n\n\n<li>You can confirm this by searching your Apache error log for ModSecurity errors using your error message (\u201cTest Successful\u201d) or id number (999):<pre>cat \/var\/log\/apache2\/error.log | grep \u2018Test Successful\u2019<\/pre><\/li>\n<\/ol>\n\n\n\n<p>You can remove the rule afterwards if you wish.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"819\" height=\"261\" src=\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\" class=\"optimized-lcp-image\" alt=\"\" loading=\"eager\" fetchpriority=\"high\" sizes=\"(max-width: 768px) 100vw, 768px\" srcset=\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png 819w, https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error-300x96.png 300w, https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error-768x245.png 768w\"><\/figure>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/www.modsecurity.org\/about.html\" target=\"_blank\">ModSecurity is capable of so much more<\/a>. However, it\u2019s still not a complete security solution regardless of how many rule sets you integrate with it. You still need other types of security controls to <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/why-security-is-important-for-small-businesses\/\">secure your business data<\/a> including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Scheduled anti-virus scanning to protect file integrity (we recommend <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/install-clamav-on-ubuntu\/\">ClamAV<\/a> or <a href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/vps-hosting\/getting-started-with-imunifyav-cpanel-plugin\/\">Imunify<\/a>)<\/li>\n\n\n\n<li>Server firewalls for port managment (e.g. <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/install-csf-on-ubuntu\/\">CSF<\/a>, <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/how-to-install-firewalld-on-linux\/\">Firewalld<\/a>, and <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/open-a-port-in-ufw\/\">UFW<\/a>) and software firewalls for web applications including the WordPress content management systems (CMS)<\/li>\n\n\n\n<li>Recent, <a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/backup-and-restore\/the-value-of-different-types-of-backups\/\">verified backups<\/a> for disaster recovery<\/li>\n\n\n\n<li><a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/analytics\/choose-the-best-analytics-tool\/\">Website analytics<\/a> for auditing the effectiveness of the aforementioned technical controls <\/li>\n<\/ul>\n\n\n\n<p class=\"alert alert-info\">Protect your website from denial-of-service (DoS) attacks and boost website performance with the <a href=\"https:\/\/sucuri.net\/lp\/promo\/inmotion\/?clickid=zPO3oWS7UxyLT9tQy%3ASR0UvEUkBWzRUChTDQUQ0\">Sucuri web application firewall<\/a> (WAF).<\/p>\n\n\n\n<p>Do you have a security information and event management (SIEM) solution for your network? Learn more about how to get the most out of your ModSecurity application by integrating your ModSecurity logs into the <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/install-splunk\/\">Splunk Enterprise (SIEM) suite<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Apache web server software can be customized to suit your needs with many third party modules. One of the most popular Apache security modules is ModSecurity. It operates as a signature-based firewall, capable of blocking cross-site scripting (XSS), brute force attacks, and known code injection attacks for dynamic websites that depend on SQL and<a class=\"moretag\" href=\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\"> Read More ><\/a><\/p>\n","protected":false},"author":57014,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4355],"tags":[],"class_list":["post-63002","post","type-post","status-publish","format-standard","hentry","category-apache"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Install the ModSecurity Apache Module<\/title>\n<meta name=\"description\" content=\"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Install the ModSecurity Apache Module\" \/>\n<meta property=\"og:description\" content=\"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\" \/>\n<meta property=\"og:site_name\" content=\"InMotion Hosting Support Center\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/inmotionhosting\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-04T18:27:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-21T21:16:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\" \/>\n<meta name=\"author\" content=\"InMotion Hosting Contributor\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/InMotionHosting\" \/>\n<meta name=\"twitter:site\" content=\"@InMotionHosting\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"InMotion Hosting Contributor\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\"},\"author\":{\"name\":\"InMotion Hosting Contributor\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/person\/f9a4fc454cd1df128ee8e898d30d4644\"},\"headline\":\"How to Install the ModSecurity Apache Module\",\"datePublished\":\"2020-11-04T18:27:51+00:00\",\"dateModified\":\"2024-03-21T21:16:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\"},\"wordCount\":889,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\",\"articleSection\":[\"Apache\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\",\"url\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\",\"name\":\"How to Install the ModSecurity Apache Module\",\"isPartOf\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\",\"datePublished\":\"2020-11-04T18:27:51+00:00\",\"dateModified\":\"2024-03-21T21:16:57+00:00\",\"description\":\"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage\",\"url\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\",\"contentUrl\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png\",\"width\":819,\"height\":261},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.inmotionhosting.com\/support\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Install the ModSecurity Apache Module\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#website\",\"url\":\"https:\/\/www.inmotionhosting.com\/support\/\",\"name\":\"InMotion Hosting Support Center\",\"description\":\"Web Hosting Support &amp; Tutorials\",\"publisher\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.inmotionhosting.com\/support\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#organization\",\"name\":\"InMotion Hosting\",\"url\":\"https:\/\/www.inmotionhosting.com\/support\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2023\/02\/inmotion-hosting-logo-yoast.jpg\",\"contentUrl\":\"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2023\/02\/inmotion-hosting-logo-yoast.jpg\",\"width\":696,\"height\":696,\"caption\":\"InMotion Hosting\"},\"image\":{\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/inmotionhosting\/\",\"https:\/\/x.com\/InMotionHosting\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/person\/f9a4fc454cd1df128ee8e898d30d4644\",\"name\":\"InMotion Hosting Contributor\",\"description\":\"InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/inmotion-hosting\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/InMotionHosting\"],\"url\":\"https:\/\/www.inmotionhosting.com\/support\/author\/inmotion-hosting-contributor\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Install the ModSecurity Apache Module","description":"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/","og_locale":"en_US","og_type":"article","og_title":"How to Install the ModSecurity Apache Module","og_description":"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.","og_url":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/","og_site_name":"InMotion Hosting Support Center","article_publisher":"https:\/\/www.facebook.com\/inmotionhosting\/","article_published_time":"2020-11-04T18:27:51+00:00","article_modified_time":"2024-03-21T21:16:57+00:00","og_image":[{"url":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png","type":"","width":"","height":""}],"author":"InMotion Hosting Contributor","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/InMotionHosting","twitter_site":"@InMotionHosting","twitter_misc":{"Written by":"InMotion Hosting Contributor","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#article","isPartOf":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/"},"author":{"name":"InMotion Hosting Contributor","@id":"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/person\/f9a4fc454cd1df128ee8e898d30d4644"},"headline":"How to Install the ModSecurity Apache Module","datePublished":"2020-11-04T18:27:51+00:00","dateModified":"2024-03-21T21:16:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/"},"wordCount":889,"commentCount":2,"publisher":{"@id":"https:\/\/www.inmotionhosting.com\/support\/#organization"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png","articleSection":["Apache"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/","url":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/","name":"How to Install the ModSecurity Apache Module","isPartOf":{"@id":"https:\/\/www.inmotionhosting.com\/support\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png","datePublished":"2020-11-04T18:27:51+00:00","dateModified":"2024-03-21T21:16:57+00:00","description":"Learn how to install ModSecurity for the Apache web server, integrate OWASP Core Rule Set (CRS), and test your server settings.","breadcrumb":{"@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#primaryimage","url":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png","contentUrl":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2020\/11\/403-forbidden-error.png","width":819,"height":261},{"@type":"BreadcrumbList","@id":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/install-modsecurity-apache-module\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inmotionhosting.com\/support\/"},{"@type":"ListItem","position":2,"name":"How to Install the ModSecurity Apache Module"}]},{"@type":"WebSite","@id":"https:\/\/www.inmotionhosting.com\/support\/#website","url":"https:\/\/www.inmotionhosting.com\/support\/","name":"InMotion Hosting Support Center","description":"Web Hosting Support &amp; Tutorials","publisher":{"@id":"https:\/\/www.inmotionhosting.com\/support\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inmotionhosting.com\/support\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.inmotionhosting.com\/support\/#organization","name":"InMotion Hosting","url":"https:\/\/www.inmotionhosting.com\/support\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/logo\/image\/","url":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2023\/02\/inmotion-hosting-logo-yoast.jpg","contentUrl":"https:\/\/www.inmotionhosting.com\/support\/wp-content\/uploads\/2023\/02\/inmotion-hosting-logo-yoast.jpg","width":696,"height":696,"caption":"InMotion Hosting"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/inmotionhosting\/","https:\/\/x.com\/InMotionHosting"]},{"@type":"Person","@id":"https:\/\/www.inmotionhosting.com\/support\/#\/schema\/person\/f9a4fc454cd1df128ee8e898d30d4644","name":"InMotion Hosting Contributor","description":"InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!","sameAs":["https:\/\/www.linkedin.com\/company\/inmotion-hosting\/","https:\/\/x.com\/https:\/\/twitter.com\/InMotionHosting"],"url":"https:\/\/www.inmotionhosting.com\/support\/author\/inmotion-hosting-contributor\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"primary_category":{"id":4355,"name":"Apache","slug":"apache","link":"https:\/\/www.inmotionhosting.com\/support\/server\/apache\/"},"_links":{"self":[{"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/posts\/63002","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/users\/57014"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/comments?post=63002"}],"version-history":[{"count":11,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/posts\/63002\/revisions"}],"predecessor-version":[{"id":116447,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/posts\/63002\/revisions\/116447"}],"wp:attachment":[{"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/media?parent=63002"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/categories?post=63002"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/support\/wp-json\/wp\/v2\/tags?post=63002"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}