Mod_security is an Apache module that helps to protect your website from various attacks such as cross-site scripting, SQL injection attacks, path traversal attacks etc. Mod_evasive is an Apache module that helps to prevent HTTP DoS (DDoS) attacks or server brute force attacks. If you have CentOS installed on your server, follow these instructions to install mod_security with the OWASP core rule set.
To install and configure mod_security and mod_evasive modules on an Ubuntu VPS in order to harden and secure your Apache web server, follow the steps described below:
mod_security
Install mod_security with the OWASP core rule set on a CentOS VPS
Mod_Security is free and open source web application firewall for Apache and Nginx. It is very useful for protecting your web server from various attacks by blocking most of the known exploits using regular expressions and rule sets. Mod_security can detect attacks by monitoring and analyzing the HTTP traffic in real time. In this blog tutorial we will guide you through the process of installing mod_security with the OWASP (Open Web Application Security Project) core rule set on a CentOS VPS from source.