-
Ubuntu - Web Server (GNU Board), Web Firewall (Modsecurity)Security 2022. 5. 17. 22:44
Ubuntu에 Web Server(GNU Board) , Web Firewall(Modsecurity) 설치
Web Server (GNU Board) 설치
sudo apt update
sudo apt install vim
sudo apt install apache2
sudo apt install mysql-server
sudo apt install php php-mysql php-common php-gd php-fpm php-xml php-json php-curl git
sudo systemctl start mysql
sudo mysql -u roop -p#MySQL 시작
create database gnuboard;
create user board@localhost identified by 'cyver12#$';
grant all privileges on gnuboard.* to board@localhost;
exit
sudo git clone https://github.com/gnuboard/gnuboard5
cd /var/www/html/gunboard5
sudo mkdir data
sudo chmod 707 data
sudo service apache2 restart
ip addr
주소창에 IP Address/gnuboard5를 입력해서 gnuboard에 접속해줍니다.
Web Firewall (Modsecurity) 설치
sudo apt install libapache2-mod-security2 sudo a2enmod seurity2 sudo systemctl restart apache2 cd /etc/modscurity sudo mv modsecurity.conf-recommended modsecurity.conf #Tap키를 누르다보면 자동 완성이 되는데 recommended가 뜬다면 지워줍니다. sudo vi modsecurity #---------- editor ---------- set nu 7번 라인의 내용을 SecRuleEngine On으로 변경 187번 라인의 내용을 SecAuditLogParts ABCEFHJKZ로 변경 #---------------------------- sudo wget https://github.com/coreuleset/coreuleset/archive/v3.3.0.tar.gz sudo tar -xvf v3.3.0.tar.gz sudo mkdir /etc/apache2/modsecurity-crs/ sudo mv coreuleset-3.3.0/ /etc/apache2/modsecurity-crs/ cd /ctc/apache2/modsecurity-crs/coreuleset-3.3.0 sudo mv crs-setip.conf.example crs-setup.conf sudo vi /etc/apache2/mods-enabled/security2.conf #---------- editor ---------- set nu 12번 라인 IncludeOptional /etc/apache2/modsecurity-crs/coreruleset-3.3.0/crs-setup.conf로 변경 13번 라인 IncludeOptional /etc/apache2/modsecurity-crs/coreruleset-3.3.0/rules/*.conf로 변경 #---------------------------- sudo apache2ctl -t sudo systemctl restart apache2
캡처를 못해서 코드로만 작성합니다.
'Security' 카테고리의 다른 글
Ubuntu - Argus-clients, Shell Script - 우분투 Argus-client, 쉘 스크립트 (0) 2022.05.18 PCRE, awk, Shell Script, Log Check - 정규 표현식, awk, 쉘 스크립트, 로그 확인 (0) 2022.05.18 DVWA - CSRF, Burp Suite - Dictionary Attack, Kali Linux -Medusa, Crunch - Brute Force (0) 2022.05.17 Linux E325 : ATTENTION 해결하기 (0) 2022.05.17 SAST, DAST - Sparrow (0) 2022.05.16