The intention for this short howto was to use the power of modsecurity to secure a Apache2 running as proxy for an MS Exchange OWA on wild wild web. The system described below is based on a debian lenny machine.
Let’s start with editing the sources.list to get the latest version of modsecurity module. Simply add this line:
deb http://etc.inittab.org/~agi/debian/libapache-mod-security2 ./ and install the stuff.
aptitude install libapache-mod-security apache2-mpm-worker Now I’ve disabled all sites and modules not needed and enable the new modules:
Read more →