The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do you upgrade from the current mod_sec to 2.5?

Discussion in 'General Discussion' started by webenthusiast, Dec 3, 2008.

  1. webenthusiast

    webenthusiast Member

    Joined:
    Aug 29, 2008
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    How do you upgrade from the current mod_security plugin in WHM (which is version 2.0?) to version 2.5 and have it still show up in WHM? Also, I have the CSF plugin in WHM, are the mod_sec version synced? Is there a way to update the cPanel and CSF mod_sec plugins together?
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    If you are running Apache 2.x, recompiling with mod_security support will give you mod_security 2.5.6. Just be sure to adjust your rules accordingly to the new format of mod_security 2.5.
     
  3. cookiesunshinex

    cookiesunshinex Well-Known Member

    Joined:
    Jun 10, 2005
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    So to upgrade Mod_sec to point releases, such as 1.9.1 to 1.9.5, I need to recompile apache?
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    That is correct, as this module will be compiled into Apache.
     
  5. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Yes and No .... That really depends on what you prefer to do! ;)

    The main question is whether you already have the WHM "Mod Security" plugin
    installed that allows you to manage and review your Mod Security logs from
    within WHM. If that is already installed then all you really need to do is
    upgrade your "Mod_Security" modules for Apache itself. If you don't have
    that plugin, then I probably would go ahead and use EasyApache to go ahead
    and get the WHM plugin installed.

    Either way you could just run /scripts/easyapache but that also recompiles
    a lot of things that have nothing to do with Mod_Security so a bit of overkill
    if you don't really need it.

    To manually upgrade, just download and compile:
    Code:
    # cd /usr/local/src
    # wget http://www.modsecurity.org/download/modsecurity-apache_2.5.9.tar.gz
    # tar zxvf modsecurity-apache_2.5.9.tar.gz
    # cd ./modsecurity-apache_2.5.9/apache2
    # ./configure
    # ./make
    # ./make test
    # ./make install
    
    You can also just unpack the archive and APXS install it as well and
    that will work for upgrading as well.

    Go to /usr/local/apache/conf and update the "httpd.conf" and "modsec2.conf"
    files as needed. If upgrading 2.x+, probably don't need to do much.

    Restart Apache (service httpd restart)
     
Loading...

Share This Page