Blame README_WINDOWS.TXT

Packit 284210
=====================================================================
Packit 284210
MOD_SECURITY 2.6  Command-line Build notes for Windows       4/2/2011
Packit 284210
by Tom Donovam
Packit 284210
=====================================================================
Packit 284210

Packit 284210
PREREQUISITES:
Packit 284210

Packit 284210
    Microsoft Visual Studio C++                                                     tested with Visual Studio 2008 (aka VC9)
Packit 284210

Packit 284210
    CMake build system from:   http://www.cmake.org/                                tested with CMake v2.8.0
Packit 284210

Packit 284210
    Apache 2.2.x  from:        http://httpd.apache.org/                             tested with Apache 2.2.17
Packit 284210
        Apache must be built from source using the same Visual Studio compiler as mod_security.
Packit 284210

Packit 284210
    PCRE  Perl Compatible Regular Expression library from: http://www.pcre.org/     tested with PCRE v8.12
Packit 284210

Packit 284210
    LibXML2 from: http://xmlsoft.org/                       tested with LibXML2 v2.7.7
Packit 284210
        Note that LibXML2 v2.7.8 does not build correctly for Windows
Packit 284210

Packit 284210
    Lua Scripting Language from:  http://www.lua.org/       tested with Lua v5.1.4
Packit 284210

Packit 284210
    cURL multiprotocol file transfer library from: http://curl.haxx.se/             tested with cURL v7.21.4
Packit 284210

Packit 284210

Packit 284210
BEFORE BUILDING
Packit 284210

Packit 284210
The directory where you build software from source ( C:\work in this exmaple)
Packit 284210
must contain the Apache source you used to build the Apache web serverand the mod_security source
Packit 284210

Packit 284210
    Apache source is in             C:\work\httpd-2.2.17    in this example.
Packit 284210
    Apache has been installed to    C:\Apache2217           in this example.
Packit 284210
    Mod_security source is in       C:\work\mod_security    in this example.
Packit 284210

Packit 284210
Download and untar the prerequite library sources:
Packit 284210

Packit 284210
    Download pcre-8.12.tar.gz     from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
Packit 284210
    untar it into C:\work\  creating C:\work\pcre-8.12
Packit 284210

Packit 284210
    Download libxml2-2.7.7.tar.gz    from ftp://xmlsoft.org/libxml2/
Packit 284210
    untar it into C:\work\ creating C:\work\libxml2-2.7.7
Packit 284210

Packit 284210
    Download lua-5.1.4.tar.gz from http://www.lua.org/ftp/
Packit 284210
    untar it into C:\work\ creating C:\work\lua-5.1.4
Packit 284210

Packit 284210
    Download curl-7.21.4.tar.gz from http://curl.haxx.se/download.html
Packit 284210
    untar it into C:\work\ creating C:\work\curl-7.21.4
Packit 284210

Packit 284210
Setup your build environment:
Packit 284210

Packit 284210
    The PATH environment variable must include the Visual Studio variables as set by vsvars32.bat
Packit 284210
    The PATH environment variable must also include the CMAKE bin\ directory
Packit 284210

Packit 284210
    Set an environment variable to the Apache source code directory:
Packit 284210

Packit 284210
        SET HTTPD_BUILD=C:\work\httpd-2.2.17
Packit 284210

Packit 284210
    If OpenSSL and Zlib support were included when you built Apache 2.2, and you want them available to LIBXML2 and CURL
Packit 284210

Packit 284210
        Ensure that cURL and libXML2 can find the OpenSSL and Zlib includes and libraries that Apache was built with.
Packit 284210

Packit 284210
            SET INCLUDE=%INCLUDE%;%HTTPD_BUILD%\srclib\openssl\inc32;%HTTPD_BUILD%\srclib\zlib
Packit 284210
            SET LIB=%LIB%;%HTTPD_BUILD%\srclib\openssl\out32dll;%HTTPD_BUILD%\srclib\zlib
Packit 284210

Packit 284210
        Ensure that cURL and libXML2 don't use the static zlib library: zlib.lib.
Packit 284210
        Force cURL and libXML2 to use zdll.lib instead, requiring zlib1.dll at runtime:
Packit 284210

Packit 284210
            IF EXIST %HTTPD_BUILD%\srclib\zlib\zlib.lib  DEL %HTTPD_BUILD%\srclib\zlib\zlib.lib
Packit 284210

Packit 284210
BUILD PCRE-8.12
Packit 284210

Packit 284210
    CD C:\work\pcre-8.12
Packit 284210
    CMAKE   -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True
Packit 284210
    NMAKE
Packit 284210

Packit 284210
BUILD LIBXML2-2.7.7  (note: the more recent version: 2.7.8 does not build correctly on Windows)
Packit 284210

Packit 284210
    CD C:\work\libxml2-2.7.7\win32
Packit 284210
    CSCRIPT configure.js iconv=no vcmanifest=yes zlib=yes
Packit 284210
    NMAKE -f Makefile.msvc
Packit 284210

Packit 284210
BUILD LUA-5.1.4
Packit 284210

Packit 284210
    CD C:\work\lua-5.1.4\src
Packit 284210
    CL /Ox /arch:SSE2 /GF /GL /Gy /FD /EHsc /MD  /Zi /TC /wd4005 /D "_MBCS" /D "LUA_CORE" /D "LUA_BUILD_AS_DLL" /D "_CRT_SECURE_NO_WARNINGS" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_WIN32" /D "_WINDLL" /c *.c
Packit 284210
    DEL lua.obj luac.obj
Packit 284210
    LINK /DLL /LTCG /DEBUG /OUT:lua5.1.dll *.obj
Packit 284210
    IF EXIST lua5.1.dll.manifest MT  -manifest lua5.1.dll.manifest -outputresource:lua5.1.dll;2
Packit 284210

Packit 284210
BUILD CURL-7.21.4
Packit 284210

Packit 284210
    CD C:\work\curl-7.21.4
Packit 284210
    CMAKE   -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True -DCURL_ZLIB=True
Packit 284210
    NMAKE
Packit 284210

Packit 284210
BUILD MOD_SECURITY-2.6
Packit 284210

Packit 284210
    CD C:\work\mod_security\apache2
Packit 284210
    NMAKE -f Makefile.win APACHE=C:\Apache2217 PCRE=C:\work\pcre-8.12 LIBXML2=C:\work\libxml2-2.7.7 LUA=C:\work\lua-5.1.4\src
Packit 284210

Packit 284210
INSTALL MOD_SECURITY AND RUN APACHE
Packit 284210

Packit 284210
Copy these five files to C:\Apache2217\bin:
Packit 284210
    C:\work\pcre-8.12\pcre.dll C:\Apache2217\bin\
Packit 284210
    C:\work\lua-5.1.4\src\lua5.1.dll C:\Apache2217\bin\
Packit 284210
    C:\work\libxml2-2.7.7\win32\bin.msvc\libxml2.dll  C:\Apache2217\bin\
Packit 284210
    C:\work\curl-7.21.4\libcurl.dll  C:\Apache2217\bin\
Packit 284210
    C:\work\mod_security\apache2\mlogc-src\mlogc.exe
Packit 284210

Packit 284210
Copy this one file to C:\Apache2217\modules:
Packit 284210

Packit 284210
    C:\work\mod_security\apache2\mod_security2.so
Packit 284210

Packit 284210
You may also copy C:\work\curl-7.21.4\curl.exe to C:\Apache2217\bin, if you want to use the cURL command-line program.
Packit 284210

Packit 284210
Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/
Packit 284210
and unzip them into C:\Apache2217\conf\modsecurity_crs
Packit 284210

Packit 284210
Add configuration directives to your Apache conf\httpd.conf:
Packit 284210

Packit 284210
    # mod_security requires mod_unique_id
Packit 284210
    LoadModule unique_id_module modules/mod_unique_id.so
Packit 284210

Packit 284210
    # mod_security
Packit 284210
    LoadModule security2_module  modules/mod_security2.so
Packit 284210
    <IfModule security2_module>
Packit 284210
        SecRuleEngine On
Packit 284210
        SecDataDir   logs
Packit 284210
        Include conf/modsecurity_crs/*.conf
Packit 284210
        Include conf/modsecurity_crs/base_rules/*.conf
Packit 284210
        SecAuditEngine RelevantOnly
Packit 284210
        SecAuditLogRelevantStatus "^(?:5|4\d[^4])"
Packit 284210
        SecAuditLogType Serial
Packit 284210
        SecAuditLogParts ABCDEFGHZ
Packit 284210
        SecAuditLog logs/modsecurity.log
Packit 284210
    </IfModule>
Packit 284210

Packit 284210

Packit 284210
==============================================================================================
Packit 284210
OPTIONAL:   BUILD AND CONFIGURE THE MOD_SECURITY-2.6 MLOGC piped-logging program
Packit 284210

Packit 284210
Edit the top of C:\work\mod_security\apache2\mlogc-src\Makefile.win and set your local paths
Packit 284210

Packit 284210
        # Path to Apache httpd installation
Packit 284210
        BASE = C:\Apache2217
Packit 284210

Packit 284210
        # Paths to required libraries
Packit 284210
        PCRE = C:\work\pcre-8.12
Packit 284210
        CURL = C:\work\curl-7.21.4
Packit 284210

Packit 284210
        # Linking libraries
Packit 284210
        LIBS = $(BASE)\lib\libapr-1.lib \
Packit 284210
               $(BASE)\lib\libaprutil-1.lib \
Packit 284210
               $(PCRE)\pcre.lib \
Packit 284210
               $(CURL)\libcurl_imp.lib \
Packit 284210
               wsock32.lib
Packit 284210

Packit 284210
Build the mlogc.exe program:
Packit 284210

Packit 284210
        CD  C:\work\mod_security_trunk\mlogc
Packit 284210
        NMAKE -f Makefile.win
Packit 284210

Packit 284210
Copy mlocg.exe to C:\Apache2217\bin\
Packit 284210

Packit 284210
Create a new command file C:\Apache2217\bin\mlogc.bat with one line:
Packit 284210

Packit 284210
        C:\Apache2217\bin\mlogc.exe C:\Apache2217\conf\mlogc.conf
Packit 284210

Packit 284210
Create a new configuration file C:\Apache2217\conf\mlogc.conf to control the piped-logging program mlogc.exe.
Packit 284210
Here is an example conf\mlogc.conf:
Packit 284210

Packit 284210
    CollectorRoot       "C:/Apache2217/logs"
Packit 284210
    ConsoleURI          "https://localhost:8888/rpc/auditLogReceiver"
Packit 284210
    SensorUsername      "test"
Packit 284210
    SensorPassword      "testtest"
Packit 284210
    LogStorageDir       "data"
Packit 284210
    TransactionLog      "mlogc-transaction.log"
Packit 284210
    QueuePath           "mlogc-queue.log"
Packit 284210
    ErrorLog            "mlogc-error.log"
Packit 284210
    LockFile            "mlogc.lck"
Packit 284210
    KeepEntries         0
Packit 284210
    ErrorLogLevel       2
Packit 284210
    MaxConnections      10
Packit 284210
    MaxWorkerRequests   1000
Packit 284210
    TransactionDelay    50
Packit 284210
    StartupDelay        5000
Packit 284210
    CheckpointInterval  15
Packit 284210
    ServerErrorTimeout  60
Packit 284210

Packit 284210
Change the SecAuditLog directive in conf\httpd.conf to pipe the log data to mlogc
Packit 284210
instead of writing them to a file:
Packit 284210

Packit 284210
    SecAuditLog |C:/Apache2217/bin/mlogc.bat