The Customize Windows

Technology Journal

You are here:Home » Set Up mod_security And fail2ban To Create Anti-Spam Filter

By Updated on

Set Up mod_security And fail2ban To Create Anti-Spam Filter

Advertisement

It is common for the blogs, forums to face malicious web traffic on regular basis. This malicious traffic not only harmful by simply wasting server resources, slowing down the site but also can lead to ban by third party Advertisement networks, such as Google AdSense. Here is How To Set Up mod_security And fail2ban To Create Anti-Spam Filter For Web Software Auch as WordPress, Forum Software on Debian/Ubuntu Server. Method to setup on REHL/CentOS is slightly different. We are taking it granted that Apache is already installed and running in some method like our guide on installing Apache, in the same way fail2ban also installed and running in some method like our guide on installing fail2ban. We have a separate guide on WordPress Brute Force And Mod Security.

Set Up mod_security And fail2ban To Create Anti-Spam Filter

 

Steps To Set Up mod_security And fail2ban

 

In easy way, we have to do the following step :

We need to enable the mod_security rules. We will copy the mod_security configuration file, edit it and set the SecRuleEngine option to On:

Advertisement

---

Change these settings :

mod_security rules are available in following directories:

To enable all CRS base rules, create symbolic links :

CRS optional and experimental rules needs separate symbolic links (not shown here).

We can configure and enable the Open Web Application Security Project (OWASP) core rule set:

Edit the /etc/apache2/mods-enabled/security2.conf file:

Add the lines at the end:

Restart Apache:

You need to read more information on how to configure and use mod_security from official documentation. Install the mod_evasive module using the following command:

Open mod-evasive.conf file, configure mod_evasive module:

Change the values like this :

Save that file. Create a log file for mod_evasive, give proper permission and restart Apache :

Read README file in the mod_evasive module for details on the various configuration parameters. We can configure fail2ban with mod security reading official guide :

When configuring fail2ban, you can test a failregex and ignoreregex patterns, against the mod_security logfile before activating the fail2ban mod_security filter:

Sometimes, we need to un-ban an IP address, we can list of all current rules and check blocked IPs:

You can extract the IP address from this list :

We can pass it to perform the unbanning :

Pinterest

Here’s what we’ve got for you which might like :

  • ModSecurity is an open-source web application firewall. It is available as a module for the Apache Server, and also Microsoft IIS and Nginx web server. It provides a rule configuration language (SecRules) for real-time monitoring, logging, and filtering of HTTP communications. ModSecurity is probably most commonly used to add protection against general vulnerabilities using the […]

  • Here is How To Configure Apache With Fail2Ban on Ubuntu 18.04 to block more types of malicious attempts towards server to create a practical firewall.

  • Here is How To Configure Fail2Ban With Mod Security & Others On Apache Server To Protect From PHP And Other Exploits. Config Files Included.

  • In an earlier article, we published an introduction on mod security. While there are many good reasons to use mod security, this module adds complexity to any WordPress installation. This guide is based on the official directions for WordPress to create a window so that a WordPress user can edit any post, and upload media. […]

performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us