Latest Compile with pdo drivers for mysql along with mod_security.
NOTE:
Remove the MySQL-shared rpm else openssl will not work.
# rpm -e MySQL-shared-5.0.20a-0.glibc23
-
Download and extract the source files:
$ wget http://www.ibiblio.org/pub/mir rors/apache/httpd/apache_1.3.4 1.tar.gz
$ wget http://us3.php.net/get/php-5.2 .5.tar.gz/from/us.php.net/mirr or
$ wget http://www.modssl.org/source/m od_ssl-2.8.31-1.3.41.tar.gz
/>$ wget http://www.modsecurity.org/dow nload/modsecurity-apache_1.9.5 .tar.gz
$ wget http://openssl.org/source/open ssl-0.9.8g.tar.gz
# yum install gcc gcc-c++ openssl-devel flex bison libxml2-devel
$ cd modsecurity-apache_1.9.5
$ cp apache1/mod_security.c ../apache_1.3.41/src/modules/e xtra/
$ cd ../openssl-0.9.8g
$ ./config --prefix=/usr/local --openssldir=/usr/local/openss l
$ make
Notice that we don't need to install OpenSSL.
Patch apache with mod_ssl:$ cd ../mod_ssl-2.8.31-1.3.41
$ ./configure \
--with-ssl=../openssl-0.9.8g \
--with-apache=../apache_1.3. 41
$ cd ../apache_1.3.41
$ ./configure
$ cd ../php-5.2.2
$ CFLAGS='-O2 -I../openssl-0.9.8g' \
./configure \
--with-apache=../apache_1.3. 41 \
--disable-debug \
--with-pic \
--enable-inline-optimization \
--with-bz2 \
--with-curl \
--with-freetype-dir=/usr \
--with-png-dir=/usr \
--with-gd=shared \
--enable-gd-native-ttf \
--without-gdbm \
--with-gettext \
--with-gmp \
--with-iconv \
--with-jpeg-dir=/usr \
--with-openssl \
--with-pspell \
--with-libxml-dir=/usr \
--with-xsl=/usr \
--with-pcre-regex \
--with-zlib \
--enable-bcmath \
--enable-exif \
--enable-sockets \
--enable-wddx \
--with-kerberos \
--with-mysql \
--enable-calendar \
--enable-mbstring \
--enable-mbregex \
--with-mime-magic=/usr/share /file/magic.mime \
--enable-zip \
--with-pear=/usr/share/pear \
--enable-soap \
--enable-soap \
--enable-sqlite-utf8 \
--enable-pdo \
--with-pdo-mysql
$ make
# make install
$ cd ../apache_1.3.41
$ SSL_BASE=../openssl-0.9.8g \
./configure \
--prefix=/usr/local/apache \
--enable-module=ssl \
--enable-module=rewrite \
--activate-module=src/module s/php5/libphp5.a \
--enable-module=php5 \
--activate-module=src/module s/extra/mod_security \
--enable-module=security
$ make
$ make certificate TYPE=existing \
&nbs p; &nbs p; CRT=/etc/pki/apache/ssl-crt/se rver.crt \
&nbs p; &nbs p; KEY=/etc/pki/apache/ssl-crt/se rver.key
# make install
$ cp modsecurity-apache_1.9.5/httpd .conf.example-minimal /usr/local/apache/conf/modsecu rity.conf
Include /usr/local/apache/conf/modsecu rity.conf
# DirectoryIndex:
<IfModule mod_dir.c>
DirectoryIndex index.php index.html
</IfModule>
# Enable php
AddType application/x-httpd-php .php
# ln -s /usr/local/apache/bin/apachect l /sbin/httpd
# ln -s /sbin/httpd /etc/rc.d/init.d/httpd
# ln -s /etc/rc.d/init.d/httpd /etc/rc.d/rc3.d/S90httpd
Below are the relevant lines:
....
startnossl)
&nbs p; if [ $RUNNING -eq 1 ]; then
&nbs p; &nbs p; echo "$0 $ARG: httpd (pid $PID) already running"
&nbs p; &nbs p; continue
....
start|startssl|sslstart|start- SSL)
&nbs p; if [ $RUNNING -eq 1 ]; then
&nbs p; &nbs p; echo "$0 $ARG: httpd (pid $PID) already running"
&nbs p; &nbs p; continue
....
startnossl - start httpd without SSL enabled
start & nbsp; - start httpd with SSL enabled
....
# service httpd [stop|start]
References:
- sandip's blog
- Login or register to post comments
Comments
Make sure to have gdbm-devel rpm package installed.
# yum install gdbm-devel
Then build apache with rewrite module enabled:
$ SSL_BASE=SYSTEM \ s/php5/libphp5.a \
./configure \
--prefix=/usr/local/apache \
--enable-module=ssl \
--enable-module=rewrite \
--activate-module=src/module
--enable-module=php5