系统版本:Red Hat 6

httpd版本:httpd-2.4.20

tar包:modsecurity-apache_2.5.9.tar.gz   mod_evasive_1.10.1.tar.gz

关于apxs:http://itlab.idcquan.com/linux/manual/ApacheManual/programs/apxs.html

mod_evasive模块的安装

# tar xf mod_evasive_1.10.1.tar.gz

# cd mod_evasive

# ls

CHANGELOG      mod_evasive20.c   mod_evasive20.o    mod_evasiveNSAPI.c

LICENSE        mod_evasive20.la  mod_evasive20.slo  README

Makefile.tmpl  mod_evasive20.lo  mod_evasive.c      test.pl

# apxs -i -a -c mod_evasive20.c

/usr/lib/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -Wformat-security -fno-strict-aliasing  -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -pthread -I/usr/include/httpd  -I/usr/include/apr-1   -I/usr/include/apr-1   -c -o mod_evasive20.lo mod_evasive20.c && touch mod_evasive20.slo

mod_evasive20.c: 在函数‘create_hit_list’中:

mod_evasive20.c:118: 警告:在有返回值的函数中未发现 return 语句

mod_evasive20.c: 在函数‘access_checker’中:

mod_evasive20.c:212: 警告:隐式声明函数‘getpid’

mod_evasive20.c:212: 警告:格式‘%ld’需要类型‘long int’,但实参 3 的类型为‘int’

mod_evasive20.c:229: 警告:忽略声明有 warn_unused_result 属性的‘system’的返回值

mod_evasive20.c: 在函数‘destroy_hit_list’中:

mod_evasive20.c:301: 警告:在有返回值的函数中未发现 return 语句

/usr/lib/apr-1/build/libtool --silent --mode=link gcc -o mod_evasive20.la  -rpath /usr/lib/httpd/modules -module -avoid-version    mod_evasive20.lo

/usr/lib/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib/apr-1/build/libtool' mod_evasive20.la /usr/lib/httpd/modules

/usr/lib/apr-1/build/libtool --mode=install cp mod_evasive20.la /usr/lib/httpd/modules/

libtool: install: cp .libs/mod_evasive20.so /usr/lib/httpd/modules/mod_evasive20.so

libtool: install: cp .libs/mod_evasive20.lai /usr/lib/httpd/modules/mod_evasive20.la

libtool: install: cp .libs/mod_evasive20.a /usr/lib/httpd/modules/mod_evasive20.a

libtool: install: chmod 644 /usr/lib/httpd/modules/mod_evasive20.a

libtool: install: ranlib /usr/lib/httpd/modules/mod_evasive20.a

libtool: finish: PATH="/usr/lib/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/inotify/bin:/root/bin:/sbin" ldconfig -n /usr/lib/httpd/modules

----------------------------------------------------------------------

Libraries have been installed in:

   /usr/lib/httpd/modules   ------>#被安装到了这里

If you ever happen to want to link against installed libraries

in a given directory, LIBDIR, you must either use libtool, and

specify the full pathname of the library, or use the `-LLIBDIR'

flag during linking and do at least one of the following:

   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable

     during execution

   - add LIBDIR to the `LD_RUN_PATH' environment variable

     during linking

   - use the `-Wl,-rpath -Wl,LIBDIR' linker flag

   - have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for

more information, such as the ld(1) and ld.so(8) manual pages.

----------------------------------------------------------------------

chmod 755 /usr/lib/httpd/modules/mod_evasive20.so

之后,配置文件中可以看到这样一行(因为是apxs方法加载的模块所以会自动生成)

# vim /usr/local/httpd/conf/httpd.conf

  LoadModule evasive20_module   modules/mod_evasive20.so

补充

1. 如果遇到这样的错误:

# /usr/local/httpd/bin/apxs -i -a -c mod_evasive20.c

/usr/local/apr/build-1/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -O2 -pg -pthread -I/usr/local/httpd/include  -I/usr/local/apr/include/apr-1   -I/usr/local/apr-util/include/apr-1  -I/usr/local/apr-iconv/include/apr-1 -I/usr/local/apr-iconv/include  -c -o mod_evasive20.lo mod_evasive20.c && touch mod_evasive20.slo

mod_evasive20.c: In function 'access_checker':

mod_evasive20.c:142: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:146: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:158: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:165: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:180: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:187: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:208: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:212: warning: implicit declaration of function 'getpid'

mod_evasive20.c:215: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:221: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:222: error: 'conn_rec' has no member named 'remote_ip'

mod_evasive20.c:228: error: 'conn_rec' has no member named 'remote_ip'

apxs:Error: Command failed with rc=65536

解决方法是把对应行的“remote”改成“client”

2.apxs选项说明:
      -c 执行编译操作
      -i 安装操作,安装一个或多个动态共享对象到服务器的modules目录
      -a 自动增加一个LoadModule行到httpd.conf文件,以激活此模块,若此行存在则启用之
      -A 与-a类似,但是它增加的LoadModule行前有井号前缀(#)
      -e 需要执行编辑操作,可与-a和-A选项配合使用,与-i操作类似,修改httpd.conf文件,但并不安装此模块

mod_security模块的安装

# tar xf modsecurity-apache_2.5.9.tar.gz

# ls

apache2  doc      modsecurity.conf-minimal         README.TXT  tools

CHANGES  LICENSE  MODSECURITY_LICENSING_EXCEPTION  rules

# cd apache2/

# apxs -i -a -c mod_security2.c

/usr/lib/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -Wformat-security -fno-strict-aliasing  -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -pthread -I/usr/include/httpd  -I/usr/include/apr-1   -I/usr/include/apr-1   -c -o mod_security2.lo mod_security2.c && touch mod_security2.slo

在包含自 modsecurity.h:38 的文件中,

                 从 mod_security2.c:24:

msc_pcre.h:24:18: 错误:pcre.h:没有那个文件或目录

在包含自 modsecurity.h:40 的文件中,

                 从 mod_security2.c:24:

msc_xml.h:25:31: 错误:libxml/xmlschemas.h:没有那个文件或目录

msc_xml.h:26:26: 错误:libxml/xpath.h:没有那个文件或目录

In file included from modsecurity.h:40,

                 from mod_security2.c:24:

===>报错

# yum install libxml*

# ./configure --with-apxs=/usr/local/httpd/bin/apxs --with-httpd-src=/usr/local/httpd/ --with-pcre=/usr/local/pcre/ --with-apr=/usr/local/apr/bin/apr-1-config  --with-libxml=/usr/     ------>通过编译安装的方法

# make ; make install

make: *** [mod_security2.la] 错误 1

/usr/local/apr/build-1/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -O2 -pg -pthread -I/usr/local/httpd/include  -I/usr/local/apr/include/apr-1   -I/usr/local/apr-util/include/apr-1  -I/usr/local/apr-iconv/include/apr-1 -I/usr/local/apr-iconv/include -O2 -g -Wall -I/usr/local/httpd/include -I/usr/local/httpd/include -I. -I/usr/local/apr/include/apr-1 -I/usr/local/apr-util/include/apr-1 -I/usr/local/apr-iconv/include/apr-1 -I/usr/local/apr-iconv/include -I/usr/local/pcre/include -I/usr/local/httpd//srclib/pcre -I/usr/local/pcre/include -I/usr/include/libxml2  -c -o mod_security2.lo mod_security2.c && touch mod_security2.slo

mod_security2.c: In function 'create_tx_context':

mod_security2.c:345: error: 'conn_rec' has no member named 'remote_ip'

mod_security2.c:346: error: 'conn_rec' has no member named 'remote_addr'    ------>#报错的地方

mod_security2.c: In function 'register_hooks':

mod_security2.c:1118: warning: passing argument 1 of 'ap_hook_error_log' from incompatible pointer type

/usr/local/httpd/include/http_core.h:948: note: expected 'void (*)(const struct ap_errorlog_info *, const char *)' but argument is of type 'void (*)(const char *, int,  int,  apr_status_t,  const struct server_rec *, const struct request_rec *, struct apr_pool_t *, const char *)'

apxs:Error: Command failed with rc=65536

===>报错

# vim mod_security2.c

把原来的“remote“改成了client:

===>后面还出现过一次类似这样的错误,也是同样的方法解决:

然后安装成功:

Libraries have been installed in:

   /usr/local/httpd/modules    ------>#安装到了这里

If you ever happen to want to link against installed libraries

in a given directory, LIBDIR, you must either use libtool, and

specify the full pathname of the library, or use the `-LLIBDIR'

flag during linking and do at least one of the following:

   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable

     during execution

   - add LIBDIR to the `LD_RUN_PATH' environment variable

     during linking

   - use the `-Wl,-rpath -Wl,LIBDIR' linker flag

   - have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for

more information, such as the ld(1) and ld.so(8) manual pages.

----------------------------------------------------------------------

chmod 755 /usr/local/httpd/modules/mod_security2.so

===>在启动服务的时候报错:

# ./apachectl start

httpd: Syntax error on line 169 of /usr/local/httpd/conf/httpd.conf: Cannot load modules/mod_security2.so into server: /usr/local/httpd/modules/mod_security2.so: undefined symbol: unixd_set_global_mutex_perms

169行的内容是这样的:LoadModule security2_module  modules/mod_security2.so
未解决......

[LAMP]——mod_security和mod_evasive模块的安装的更多相关文章

  1. 搭建rtmp直播流服务之1:使用nginx搭建rtmp直播流服务器(nginx-rtmp模块的安装以及rtmp直播流配置)

    欢迎大家积极开心的加入讨论群 群号:371249677 (点击这里进群) 一.方案简要 首先通过对开发方案的仔细研究(实时监控.流媒体.直播流方案的数据源-->协议转换-->服务器--&g ...

  2. LAMP以及各组件的编译安装

    LAMP以及各组件的编译安装 目录 LAMP以及各组件的编译安装 一.LAMP 1. LAMP概述 2. 各组件的主要作用 3. 平台环境的安装顺序 二.编译安装apache httpd 1. 关闭防 ...

  3. (原创)LAMP搭建之一:图解如何安装并检查LAMP

    LAMP搭建之一:图解如何安装并检查LAMP 第一步:安装Linux(RedHat5) 第二步:rpm -qa httpd(查看apache是否安装) rpm -qa php(查看php是否安装) r ...

  4. Pexpect模块的安装

    Pexpect模块的安装 下载地址:https://pypi.python.org/pypi/pexpect/ 解压后在目录下运行:python ./setup.py install (必须是root ...

  5. Python Beautiful Soup模块的安装

    以安装Beautifulsoup4为例: 1.到网站上下载:http://www.crummy.com/software/BeautifulSoup/bs4/download/ 2.解压文件到C:\P ...

  6. apache中若干模块的安装

    第一次手动安装apache,由于在./configure -prefix=/usr/local/apache2 -enable-module=so这样配置,导致后来不得不手动安装一些模块,遇到了一些坑 ...

  7. Python 一些常用模块的安装

    (1)python PIL(image)模块的安装 sudo apt-get install python-imaging

  8. Python 库/模块的安装、查看

    关于如何查看本地python类库详细信息的方法 关于如何查看本地python类库详细信息的方法 - 小白裸奔 - CSDN博客 python -m pydoc -p 1234 help('module ...

  9. nodejs安装及npm模块插件安装路径配置

    在学习完js后,我们就要进入nodejs的学习,因此就必须配置nodejs和npm的属性了. 我相信,个别人在安装时会遇到这样那样的问题,看着同学都已装好,难免会焦虑起来.于是就开始上网查找解决方案, ...

随机推荐

  1. zedboard如何从PL端控制DDR读写(三)——AXI-FULL总线调试

    之前的项目和培训中,都只用到了AXI-Lite或者AXI-Stream,对于AXI-FULL知之甚少,主要是每次一看到那么多接口信号就望而却步了. 现在为了调试DDR,痛下决心要把AXI-FULL弄懂 ...

  2. 【IHttpHandler】HttpModule,HttpHandler,HttpHandlerFactory简单使用

    这三个对象我们在开发Asp.net程序时经常会用到,似乎很熟悉,但有时候又不太确定.本文通过一个简单的例子来直观的比较一下这三个对象的使用. HttpModule:Http模块,可以在页面处理前后.应 ...

  3. Unieap3.5-前台js判断表单必录

    //用户信息字段检查 var custFrm=unieap.byId('custFrm'); var isValid=custFrm.validate(true); if(!isValid){ ret ...

  4. win7启动文件修复

    1:在xp下运行bcdedit.exe(这软件在windows 7的系统盘下 就在你的c:\windows\system32\这里2:将这软件复制到c盘根目录下3:进入命令提示符 输入 c:4:输入 ...

  5. 手机连接wifi自动弹窗的原理及其实现方案

    一.手机连上wifi后会自动弹窗的原理 生活中,有很多需要认证的路由器,手机连接wifi热点后会自动弹出一个网页,让用户输入账号和密码,比如星巴克,肯地基,麦当劳,甚至是火车站和机场的候车室.其实这是 ...

  6. linux路由配置负载均衡

    负载平衡ip route add default scope global nexthop via XX.XX.XX.XX dev eth0 weight 1 nexthop via XX.XX.XX ...

  7. linux基本使用(一)

    分区1./ 根分区2. swap 交换分区(大小建议是内存的1~2倍)3. /home 分区4./boot 引导文件(启动加载)分区5./var 等,最低 要有前2个分区吧,最好有home分区,因为没 ...

  8. wordpress学习-themes-001

    这一篇主要是来记录wordpress theme的内容.关于为什么要自己编写wordpress theme的理由,相信大家都有各自的体会.想让自己的博客变的更加突出?更加个性话?wordpress t ...

  9. .Net之美

    第1章 C#类型基础 1.1 值类型和引用类型值类型和引用类型是以它们在计算机内存中是如何被分配的来划分的.值类型包括了结构和枚举,引用类型则包括了类. 接口. 委托等. 还有一种特殊的值类型,称为简 ...

  10. 学习simple.data之基础篇

    simple.data是一个轻量级的.动态的数据访问组件,支持.net4.0. 1.必须条件和依赖性: v4.0 or greater of the .NET framework, or v2.10 ...