Installing MPM-Event and OWASP ModSecurity Core Rule Set V3.0 through command line

[Sarath Kumar R]

Hi,

Guys I am automating server hardening and optimization,

1) for that I need to install OWASP ModSecurity Core Rule Set V3.0 from the command line.
2) Also, I need to install MPM event through command line. Current EA4 profile is CPanel default.

Please let me know the solution or workarounds for the same

 

[cPanelMichael]

Hello,

1) for that I need to install OWASP ModSecurity Core Rule Set V3.0 from the command line.

You can manage Mod Security vendors through the following command:

/usr/local/cpanel/scripts/modsec_vendor

2) Also, I need to install MPM event through command line. Current EA4 profile is CPanel default.

You can follow the steps documented at:

Multi-Processing Modules - MPMs - EasyApache 4 - cPanel Documentation

Thank you.

 

[Sarath Kumar R]

You can follow the steps documented at:

Multi-Processing Modules - MPMs - EasyApache 4 - cPanel Documentation

Thank you.


@cPanelMichael The above URL doesn't have the steps to convert MPM from prefork to event. When, I tried yum is removing easyapache, so please let us/me know the exact commands

 

[cPanelMichael]

@cPanelMichael The above URL doesn't have the steps to convert MPM from prefork to event. When, I tried yum is removing easyapache, so please let us/me know the exact commands

You can use these commands:

yum shell
remove ea-apache24-mod_mpm_prefork
install ea-apache24-mod_mpm_event
run

Thank you.

 

[Sarath Kumar R]

@cPanelMichael thank you for the info.

But we were trying to automate MPM upgrade to event via script (bash script) and we are facing the issue, when the script executes yum shell and will wait for the next commands as the bash is not able to pass the remaining commands to yum shell. Please let me know is there any alternative for the same.

 

[cPanelMichael]

Hello,

You could also use a command like this:

yum swap ea-apache24-mod_mpm_prefork ea-apache24-mod_mpm_event

Thank you.

 

[Sarath Kumar R]

@cPanelMichael I have tried the above command and got the below error"

==
prntscr.com/f6ke34
==

Any idea why swap is not working with yum.





root@server [~]# rpm -qa | grep -i yum
yum-cron-3.2.29-81.el6.centos.noarch
yum-plugin-fastestmirror-1.1.30-40.el6.noarch
yum-utils-1.1.30-40.el6.noarch
yum-metadata-parser-1.1.2-16.el6.x86_64
yum-3.2.29-81.el6.centos.noarch
yum-plugin-universal-hooks-0.1-9.9.1.cpanel.x86_64

 

[cPanelMichael]

Hello,

It looks like that YUM command isn't available on your OS (CentOS 6). However, the last answer on the following third-party URL suggests a method of including yum shell commands in a script:

Is there a way to install and remove packages in a single yum command?

Let us know if that helps.

Thank you.

 

[Sarath Kumar R]

@cPanelMichael thanx it got worked

 

[Anoop P Alias]

you can also try

rpm -e --nodeps ea-apache24-mod_mpm_prefork && yum install ea-apache24-mod_mpm_event

 

[Sarath Kumar R]

@Anoop P Alias thanx for the help.

Please refer the below snippet for the exact steps to automate mpm upgrade from to event via bash

==
#!/bin/bash
cp -rp /etc/yum.conf /etc/yum.conf_bak
sed -i '2i assumeyes=1' /etc/yum.conf
cat > /root/mpm.txt <<EOF
remove ea-apache24-mod_mpm_prefork
install ea-apache24-mod_mpm_event
run
EOF
yum shell /root/mpm.txt
sed -i '2d' /etc/yum.conf
rm -rf /root/mpm.txt
sleep 2;
clear
==