Hi all,

I use Ubuntu 14.04 x64 and I have followed the following procedure found on this link ( http://blog.mattbrock.co.uk/hardening-t … ver-14-04/">http://blog.mattbrock.co.uk/hardening-the-security-on-ubuntu-server-14-04/ ) to install mod_security on my server:

sudo apt-get install libapache2-mod-security2

sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

sudo nano /etc/modsecurity/modsecurity.conf

Make the following options so:

SecRuleEngine On

SecRequestBodyLimit 50000000

SecRequestBodyInMemoryLimit 50000000

cd /tmp

sudo wget https://github.com/SpiderLabs/owasp-mod … master.zip">https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/master.zip

sudo apt-get install zip

sudo unzip master.zip

sudo cp -r owasp-modsecurity-crs-master/* /etc/modsecurity/

sudo mv /etc/modsecurity/modsecuritycrs10setup.conf.example /etc/modsecurity/modsecuritycrs10setup.conf

sudo ls /etc/modsecurity/baserules | xargs -I {} sudo ln -s /etc/modsecurity/baserules/{} /etc/modsecurity/activated_rules/{}

sudo ls /etc/modsecurity/optionalrules | xargs -I {} sudo ln -s /etc/modsecurity/optionalrules/{} /etc/modsecurity/activated_rules/{}

sudo nano /etc/apache2/mods-available/security2.conf

add the following line near the end, just before :

Include "/etc/modsecurity/activated_rules/*.conf"

sudo service apache2 restart

sudo rm -rfv /tmp/*

sudo apt-get install libapache2-mod-evasive

sudo mkdir /var/log/mod_evasive

sudo chown www-data:www-data /var/log/mod_evasive

sudo nano /etc/apache2/mods-available/evasive.conf

Make it so:

DOSHashTableSize 3097

DOSPageCount 2

DOSSiteCount 50

DOSPageInterval 1

DOSSiteInterval 1

DOSBlockingPeriod 10

DOSEmailNotify my_emailaddress@gmail.com

DOSSystemCommand "su - someuser -c '/sbin/… %s …'"

DOSLogDir "/var/log/mod_evasive"

sudo ln -s /etc/apache2/mods-available/evasive.conf /etc/apache2/mods-enabled/evasive.conf

sudo service apache2 restart

sudo apt-get install rkhunter chkrootkit

sudo nano etc/chkrootkit.conf

RUN_DAILY="true"

RUNDAILYOPTS=""

sudo nano /etc/default/rkhunter

CRONDAILYRUN="true"

CRONDBUPDATE="true"

sudo mv /etc/cron.weekly/rkhunter /etc/cron.weekly/rkhunter_update

sudo mv /etc/cron.daily/rkhunter /etc/cron.weekly/rkhunter_run

sudo mv /etc/cron.daily/chkrootkit /etc/cron.weekly/

sudo apt-get install logwatch

sudo mv /etc/cron.daily/00logwatch /etc/cron.weekly/

sudo nano /etc/cron.weekly/00logwatch

/usr/sbin/logwatch --output mail --range 'between -7 days and -1 days'

sudo apt-get install acct

sudo touch /var/log/wtmp

sudo a2enmod modsecurity

sudo /etc/init.d/apache2 force-reload

However when I execute: sudo a2enmod modsecurity

lupocatttivo@octane:~$ sudo a2enmod modsecurity

ERROR: Module modsecurity does not exist!

I even tried this:

lupocatttivo@octane:~$ sudo apt-get install libapache2-mod-security2

Reading package lists… Done

Building dependency tree

Reading state information… Done

libapache2-mod-security2 is already the newest version.

0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Any help will be appreciated.

Thanks in advance.