You're only minutes away from protecting your web sites from all manner of attack and spam. To do this, you need to download one piece of software, mod_security, install it on your web server and then configure it. Its not difficult or time consuming at all, and if you follow these instructions you should be ready to go in minutes!

You either need to have root or administrative rights on your server to install mod_security, or you need to ask your administrator to do it for you. A lot of ISP's use mod_security these days, so it may already be installed on your server. If its not, you can use these instructions to set it up. It literally takes less than 30 seconds to install mod_security.

The first thing you need to do is download the software. You can download it from our archives:

http://www.gotroot.com/downloads/ftp/mod_security/modsecurity-software

We also make RPMs available for Linux systems to make this really easy to install!

Just install our YUM repo:

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

Or over SSL:

wget -q -O - https://www.atomicorp.com/installers/atomic |sh

Then run this command as root:

yum install modsecurity

And you're set to configure modsecurity and install our rules.

Follow the instructions on the the Atomicorp/Gotroot Wiki Rules page (cache).

ModSecurity is an Intrusion Prevention system, and uses rules, or signatures, to help protect your system from attack or spam. We publish the largest collection of rules and blacklists for mod_security on the Internet?. Mod_security works on any platform, including Solaris, Linux, BSD, MacOS and Windows based servers. Right now, mod_security only works with Apache 2.x or Apache 1.x, if you are running IIS or some other web server you're out of luck for now.

As we said before, to really use mod_security you need to feed it some signatures, just like an anti-virus product. And, you can download them all from our mod_security rules webpage or you can use our automated rule downloader! It will also keep your rules to date automatically:

Automatic Rule Updater (cache)

Automatic Rule Updater Config file (cache)