{"id":8686,"date":"2020-06-15T07:42:54","date_gmt":"2020-06-15T11:42:54","guid":{"rendered":"http:\/\/local.brightwhiz\/?p=8686"},"modified":"2021-12-04T09:10:41","modified_gmt":"2021-12-04T09:10:41","slug":"configure-mod-security","status":"publish","type":"post","link":"http:\/\/local.brightwhiz\/configure-mod-security\/","title":{"rendered":"How to Configure mod_security With Apache on Debian\/Ubuntu or CentOS"},"content":{"rendered":"\n

mod_security is a free Web Application Firewall (WAF) that comes with Apache<\/a>, Nginx<\/a>, and IIS<\/a> web servers. It is designed to monitor HTTP<\/a> traffic in real-time in order to detect and mitigate attacks.<\/p>\n\n\n\n

ModSecurity which acts as an intrusion detection tool, allows server administrators to react to suspicious activity and is able to prevent SQL<\/a> Injection, Cross-site Scripting, Malware<\/a>, Trojans, Bad user agents, Session hijacking, and a lot of other exploits.<\/p>\n\n\n\n

ModSecurity comes with a default configuration however there is an OWASP ModSecurity Core Rule Set (CRS)<\/a> that provides a set of generic attack detection rules that provide a base level of protection for any web application from a wide range of attacks with minimal false alerts.<\/p>\n\n\n\n

This tutorial will assume you have already installed the LAMP stack<\/a> on your server.<\/p>\n\n\n\n

Step 1: Install mod_security<\/h2>\n\n\n\n

Debian<\/strong><\/p>\n\n\n\n

$ sudo apt install libapache2-modsecurity<\/code><\/pre>\n\n\n\n
Restart Apache:<\/p>\n\n\n\n
$ sudo systemctl restart apache2<\/code><\/pre>\n\n\n\n
Verify that the version of ModSecurity is 2.8.0 or higher:<\/p>\n\n\n\n
$ apt-cache show libapache2-modsecurity<\/code><\/pre>\n\n\n\n
Ubuntu<\/strong><\/p>\n\n\n\n
$ sudo apt-get install libapache2-mod-security2<\/code><\/pre>\n\n\n\n
Restart Apache:<\/p>\n\n\n\n
$ sudo systemctl restart apache2<\/code><\/pre>\n\n\n\n
Verify that the version of ModSecurity is 2.8.0 or higher:<\/p>\n\n\n\n
$ apt-cache show libapache2-mod-security2<\/code><\/pre>\n\n\n\n
If you use apachectl -M<\/strong> to list all mods, ModSecurity will be listed under the name security2_module. or you could filter the result by using:<\/p>\n\n\n\n
$ apachectl -M | grep --color security<\/code><\/pre>\n\n\n\n
The output will be:<\/p>\n\n\n\n
security2_module (shared)<\/code><\/pre>\n\n\n\n
CentOS<\/strong><\/p>\n\n\n\n
$ yum install mod_security<\/code><\/pre>\n\n\n\n
Restart Apache by entering the following command:<\/p>\n\n\n\n
$ \/etc\/init.d\/httpd restart<\/code><\/pre>\n\n\n\n
Verify that the version of ModSecurity is 2.8.0 or higher:<\/p>\n\n\n\n
$ yum info mod_security<\/code><\/pre>\n\n\n\n
Step 2: Enable the OWASP ModSecurity Core Rule Set<\/h2>\n\n\n\n
Start by renaming the default ModSecurity file (the path below is for Ubuntu<\/a>\/Debian based distros):<\/p>\n\n\n\n
$ mv \/etc\/modsecurity\/modsecurity.conf-recommended modsecurity.conf<\/code><\/pre>\n\n\n\n
We then need to download the OWASP ModSecurity CRS from Github. In case you need to install git (if you haven’t installed it before) run the following:<\/p>\n\n\n\n
$ sudo apt install git<\/code><\/pre>\n\n\n\n
Download the OWASP ModSecurity CRS:<\/p>\n\n\n\n
$ git clone https:\/\/github.com\/SpiderLabs\/owasp-modsecurity-crs.git<\/code><\/pre>\n\n\n\n
From the downloaded location move the relevant files as shown below:<\/p>\n\n\n\n
$ owasp-modsecurity-crs\n$ mv crs-setup.conf.example \/etc\/modsecurity\/crs-setup.conf\n$ mv rules\/ \/etc\/modsecurity\/<\/code><\/pre>\n\n\n\n
Open this configuration file:<\/p>\n\n\n\n
$ sudo nano \/etc\/apache2\/mods-available\/security2.conf<\/code><\/pre>\n\n\n\n
Add the IncludeOptional<\/strong> directive and the Include directive as shown below:<\/p>\n\n\n\n
<IfModule security2_module>\n        # Default Debian dir for modsecurity's persistent data\n        SecDataDir \/var\/cache\/modsecurity\n\n        # Include all the *.conf files in \/etc\/modsecurity.\n        # Keeping your local configuration in that directory\n        # will allow for an easy upgrade of THIS file and\n        # make your life easier\n        IncludeOptional \/etc\/modsecurity\/*.conf\n        Include \/etc\/modsecurity\/rules\/*.conf\n<\/IfModule><\/code><\/pre>\n\n\n\n
Restart Apache for changes to take effect:<\/p>\n\n\n\n
$ sudo systemctl restart apache2<\/code><\/pre>\n\n\n\n
Step 3: Test ModSecurity<\/h2>\n\n\n\n
Open the default Apache configuration and add two additional directives, using the default configuration as an example:<\/p>\n\n\n\n
$ sudo nano \/etc\/apache2\/sites-available\/000-default.conf<\/code><\/pre>\n\n\n\n
Add the SecRuleEngine<\/strong> and SecRule<\/strong> directives as shown below:<\/p>\n\n\n\n
<VirtualHost *:80>\n    ServerAdmin webmaster@localhost\n    DocumentRoot \/var\/www\/html\n\n    ErrorLog ${APACHE_LOG_DIR}\/error.log\n    CustomLog ${APACHE_LOG_DIR}\/access.log combined\n\n    SecRuleEngine On\n    SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403,msg:'Our test rule has triggered'"\n<\/VirtualHost><\/code><\/pre>\n\n\n\n
Restart Apache for changes to take effect:<\/p>\n\n\n\n
$ sudo systemctl restart apache2<\/code><\/pre>\n\n\n\n
Curl the index page to intentionally trigger the alarms using the following:<\/p>\n\n\n\n
$ curl localhost\/index.html?testparam=test<\/code><\/pre>\n\n\n\n
You should expect to get a 403 response code and see the response from the logs.<\/p>\n\n\n\n
$ sudo tail -f \/var\/log\/apache2\/error.log<\/code><\/pre>\n\n\n\n
Step 4: Review the ModSecurity Configuration Settings<\/h2>\n\n\n\n
The default configuration file is set to DetectionOnly<\/strong> which logs requests according to rule matches and doesn’t block anything besides what the OWASP CRS provides. This can be changed by editing the file below:<\/p>\n\n\n\n
$ sudo nano \/etc\/modsecurity\/modsecurity.conf<\/code><\/pre>\n\n\n\n
Find this line<\/p>\n\n\n\n
SecRuleEngine DetectionOnly<\/code><\/pre>\n\n\n\n
and change it to:<\/p>\n\n\n\n
SecRuleEngine On<\/code><\/pre>\n\n\n\n
In production, be sure to change this directive only after testing all your rules.<\/p>\n\n\n\n
You might also want to change SecResponseBodyAccess<\/strong>. This configures whether response bodies are buffered. This is only necessary if data leakage detection and protection are required. Leaving it On<\/strong> will use up droplet resources and also increase the log file size.<\/p>\n\n\n\n
Find this<\/p>\n\n\n\n
SecResponseBodyAccess On<\/code><\/pre>\n\n\n\n
and change it to:<\/p>\n\n\n\n
SecResponseBodyAccess Off<\/code><\/pre>\n\n\n\n
limit the maximum data that can be posted to your web application using these two directives configure these:<\/p>\n\n\n\n
The value mentioned in the configuration file is 12MB:<\/p>\n\n\n\n
SecRequestBodyLimit 13107200<\/code><\/pre>\n\n\n\n
The SecRequestBodyNoFilesLimit<\/strong> directive limits the size of POST data minus file uploads. This value should be as low as practical.<\/p>\n\n\n\n
The default value in the configuration file is 128KB.<\/p>\n\n\n\n
SecRequestBodyNoFilesLimit 131072<\/code><\/pre>\n\n\n\n
The SecRequestBodyInMemoryLimit<\/strong> can also be reviewed as it affects server performance too. This directive specifies how much POSTed<\/strong> data should be kept in the memory (RAM). Additional data will be placed in the hard disk like a swap. if you have plenty of RAM then you can be generous with this value. The default value in the configuration file is 128KB.<\/p>\n\n\n\n
SecRequestBodyInMemoryLimit 131072<\/code><\/pre>\n\n\n\n
Step 5: Exclude Hosts and Directories<\/h2>\n\n\n\n
ModSecurity can block genuine traffic for various reasons so you need to be able to exclude certain directories or entire hosts. Examples are phpMyAdmin where SQL queries will be blocked or CMS<\/a> application backends like WordPress admin.<\/p>\n\n\n\n
To disable mod_security for a complete Virtual Host place the following<\/p>\n\n\n\n
<IfModule security2_module>\n    SecRuleEngine Off\n<\/IfModule><\/code><\/pre>\n\n\n\n
Inside the VirtualHost<\/strong> section.<\/p>\n\n\n\n
For a particular directory:<\/p>\n\n\n\n
<Directory "\/var\/www\/website\/document_root\/wp-admin">\n    <IfModule security2_module>\n        SecRuleEngine Off\n    <\/IfModule>\n<\/Directory><\/code><\/pre>\n\n\n\n
You may not want to completely disable ModSecurity. Therefore use the SecRuleRemoveById<\/strong> directive to remove a particular rule or rule chain by specifying its ID.<\/p>\n\n\n\n
<LocationMatch "\/wp-admin\/update.php">\n    <IfModule security2_module>\n        SecRuleRemoveById 981173\n    <\/IfModule>\n<\/LocationMatch><\/code><\/pre>\n\n\n\n
Next, we will show you how to set up mod_evasive in addition to this mod_security configuration to help safeguard against DDOS attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"
mod_security is a free Web Application Firewall (WAF) that comes with Apache, Nginx, and IIS web servers. It is designed to monitor HTTP traffic in real-time in order to detect…<\/p>\n","protected":false},"author":1,"featured_media":8688,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,23,16,18],"tags":[58,121,136,184,304,308,313,320,364,400,433,449,526,543,591,598,635,636,638,643],"yoast_head":"\nHow to set up mod_security With Apache on Debian\/Ubuntu or CentOS<\/title>\n<meta name=\"description\" content=\"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/local.brightwhiz\/configure-mod-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to set up mod_security With Apache on Debian\/Ubuntu or CentOS\" \/>\n<meta property=\"og:description\" content=\"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks\" \/>\n<meta property=\"og:url\" content=\"http:\/\/local.brightwhiz\/configure-mod-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Brightwhiz.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/brightwhiz\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-15T11:42:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-12-04T09:10:41+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Bright\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:site\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Bright\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/\"},\"author\":{\"name\":\"Michael Bright\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\"},\"headline\":\"How to Configure mod_security With Apache on Debian\/Ubuntu or CentOS\",\"datePublished\":\"2020-06-15T11:42:54+00:00\",\"dateModified\":\"2021-12-04T09:10:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/\"},\"wordCount\":709,\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg\",\"keywords\":[\"Apache\",\"CentOS\",\"CMS\",\"Debugging\",\"HTTP\",\"IIS\",\"InfoSec\",\"Internet\",\"Malware\",\"Nginx\",\"Optimization\",\"Performance\",\"Security\",\"Software Design\",\"Tools\",\"Ubuntu\",\"Web\",\"Web Applications\",\"Web Development\",\"Websites\"],\"articleSection\":[\"Articles\",\"Guides\",\"Technology\",\"Tools\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/\",\"url\":\"http:\/\/local.brightwhiz\/configure-mod-security\/\",\"name\":\"How to set up mod_security With Apache on Debian\/Ubuntu or CentOS\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg\",\"datePublished\":\"2020-06-15T11:42:54+00:00\",\"dateModified\":\"2021-12-04T09:10:41+00:00\",\"description\":\"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks\",\"breadcrumb\":{\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/local.brightwhiz\/configure-mod-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg\",\"width\":1200,\"height\":630,\"caption\":\"Configure Mod_security Apache\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/local.brightwhiz\/configure-mod-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/local.brightwhiz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Configure mod_security With Apache on Debian\/Ubuntu or CentOS\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/local.brightwhiz\/#website\",\"url\":\"http:\/\/local.brightwhiz\/\",\"name\":\"Brightwhiz.com\",\"description\":\"Best Tech guides, Tutorials, and News\",\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/local.brightwhiz\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/local.brightwhiz\/#organization\",\"name\":\"Brightwhiz\",\"url\":\"http:\/\/local.brightwhiz\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"width\":706,\"height\":135,\"caption\":\"Brightwhiz\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/brightwhiz\/\",\"https:\/\/twitter.com\/brightwhizmag\",\"https:\/\/instagram.com\/bright_whiz\/\",\"https:\/\/www.pinterest.com\/sobbayi\/\",\"https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\",\"name\":\"Michael Bright\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"caption\":\"Michael Bright\"},\"sameAs\":[\"https:\/\/sobbayi.com\"],\"url\":\"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to set up mod_security With Apache on Debian\/Ubuntu or CentOS","description":"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/local.brightwhiz\/configure-mod-security\/","og_locale":"en_US","og_type":"article","og_title":"How to set up mod_security With Apache on Debian\/Ubuntu or CentOS","og_description":"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks","og_url":"http:\/\/local.brightwhiz\/configure-mod-security\/","og_site_name":"Brightwhiz.com","article_publisher":"https:\/\/www.facebook.com\/brightwhiz\/","article_published_time":"2020-06-15T11:42:54+00:00","article_modified_time":"2021-12-04T09:10:41+00:00","og_image":[{"width":1200,"height":630,"url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg","type":"image\/jpeg"}],"author":"Michael Bright","twitter_card":"summary_large_image","twitter_creator":"@brightwhizmag","twitter_site":"@brightwhizmag","twitter_misc":{"Written by":"Michael Bright","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#article","isPartOf":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/"},"author":{"name":"Michael Bright","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32"},"headline":"How to Configure mod_security With Apache on Debian\/Ubuntu or CentOS","datePublished":"2020-06-15T11:42:54+00:00","dateModified":"2021-12-04T09:10:41+00:00","mainEntityOfPage":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/"},"wordCount":709,"publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"image":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg","keywords":["Apache","CentOS","CMS","Debugging","HTTP","IIS","InfoSec","Internet","Malware","Nginx","Optimization","Performance","Security","Software Design","Tools","Ubuntu","Web","Web Applications","Web Development","Websites"],"articleSection":["Articles","Guides","Technology","Tools"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"http:\/\/local.brightwhiz\/configure-mod-security\/","url":"http:\/\/local.brightwhiz\/configure-mod-security\/","name":"How to set up mod_security With Apache on Debian\/Ubuntu or CentOS","isPartOf":{"@id":"http:\/\/local.brightwhiz\/#website"},"primaryImageOfPage":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage"},"image":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg","datePublished":"2020-06-15T11:42:54+00:00","dateModified":"2021-12-04T09:10:41+00:00","description":"Here we will show you how to set up mod_security with Apache on Debian\/Ubuntu or CentOS to help protect your web server from cyber attacks","breadcrumb":{"@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/local.brightwhiz\/configure-mod-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#primaryimage","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/06\/mod-security-apache2.jpg","width":1200,"height":630,"caption":"Configure Mod_security Apache"},{"@type":"BreadcrumbList","@id":"http:\/\/local.brightwhiz\/configure-mod-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/local.brightwhiz\/"},{"@type":"ListItem","position":2,"name":"How to Configure mod_security With Apache on Debian\/Ubuntu or CentOS"}]},{"@type":"WebSite","@id":"http:\/\/local.brightwhiz\/#website","url":"http:\/\/local.brightwhiz\/","name":"Brightwhiz.com","description":"Best Tech guides, Tutorials, and News","publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/local.brightwhiz\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"http:\/\/local.brightwhiz\/#organization","name":"Brightwhiz","url":"http:\/\/local.brightwhiz\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","width":706,"height":135,"caption":"Brightwhiz"},"image":{"@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/brightwhiz\/","https:\/\/twitter.com\/brightwhizmag","https:\/\/instagram.com\/bright_whiz\/","https:\/\/www.pinterest.com\/sobbayi\/","https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ"]},{"@type":"Person","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32","name":"Michael Bright","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","caption":"Michael Bright"},"sameAs":["https:\/\/sobbayi.com"],"url":"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/"}]}},"_links":{"self":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/8686"}],"collection":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/comments?post=8686"}],"version-history":[{"count":0,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/8686\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media\/8688"}],"wp:attachment":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media?parent=8686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/categories?post=8686"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/tags?post=8686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}