How do you upgrade from the current mod_sec to 2.5?

[webenthusiast]

How do you upgrade from the current mod_security plugin in WHM (which is version 2.0?) to version 2.5 and have it still show up in WHM? Also, I have the CSF plugin in WHM, are the mod_sec version synced? Is there a way to update the cPanel and CSF mod_sec plugins together?

[cPanelDavidG]

Quote:

Originally Posted by webenthusiast

How do you upgrade from the current mod_security plugin in WHM (which is version 2.0?) to version 2.5 and have it still show up in WHM? Also, I have the CSF plugin in WHM, are the mod_sec version synced? Is there a way to update the cPanel and CSF mod_sec plugins together?

If you are running Apache 2.x, recompiling with mod_security support will give you mod_security 2.5.6. Just be sure to adjust your rules accordingly to the new format of mod_security 2.5.

[cookiesunshinex]

So to upgrade Mod_sec to point releases, such as 1.9.1 to 1.9.5, I need to recompile apache?

[cPanelDavidG]

Quote:

Originally Posted by cookiesunshinex

So to upgrade Mod_sec to point releases, such as 1.9.1 to 1.9.5, I need to recompile apache?

That is correct, as this module will be compiled into Apache.

[Spiral]

Quote:

Originally Posted by cookiesunshinex

So to upgrade Mod_sec to point releases, such as 1.9.1 to 1.9.5, I need to recompile apache?

Yes and No .... That really depends on what you prefer to do!

The main question is whether you already have the WHM "Mod Security" plugin
installed that allows you to manage and review your Mod Security logs from
within WHM. If that is already installed then all you really need to do is
upgrade your "Mod_Security" modules for Apache itself. If you don't have
that plugin, then I probably would go ahead and use EasyApache to go ahead
and get the WHM plugin installed.

Either way you could just run /scripts/easyapache but that also recompiles
a lot of things that have nothing to do with Mod_Security so a bit of overkill
if you don't really need it.

To manually upgrade, just download and compile:

Code:

# cd /usr/local/src
# wget http://www.modsecurity.org/download/modsecurity-apache_2.5.9.tar.gz
# tar zxvf modsecurity-apache_2.5.9.tar.gz
# cd ./modsecurity-apache_2.5.9/apache2
# ./configure
# ./make
# ./make test
# ./make install

You can also just unpack the archive and APXS install it as well and
that will work for upgrading as well.

Go to /usr/local/apache/conf and update the "httpd.conf" and "modsec2.conf"
files as needed. If upgrading 2.x+, probably don't need to do much.

Restart Apache (service httpd restart)