The compilation process outlined in the previous section results in a file called mod_security2.so being created. This is an Apache dynamic shared object which is a plugin to Apache that adds functionality to the web server without requiring it to be recompiled. This file contains all the ModSecurity functionality, and integrating it like any other Apache module is, except for some basic configuration, all it takes to enable ModSecurity on your server.

The mod_security2.so file is output to the modsecurity-apache/apache2/.libs directory by the compiler. To let Apache know about ModSecurity, start by copying the mod_security2.so file to your Apache modules directory. Typically the modules directory will be something like /etc/httpd/modules, but the location will vary depending on your setup.

The next step is to edit the Apache configuration file and add a line to let the web server know about the new module. Start your favorite editor and open up httpd.conf (again, the location will vary depending on your setup, but assuming the same Apache base directory as in the previous section, the file will be in /etc/httpd/conf/httpd.conf). It's a good idea to create a backup copy of httpd.conf before you start editing the file, so that you can revert to the backup if anything goes wrong.

In httpd.conf there will be a fairly long list of configuration directives that start with the word LoadModule. Find this section of LoadModule directives and add the following line to the top of the list:

LoadModule security2_module modules/mod_security2.so

The security2_module string is known as the module identifier, and is declared in the source code of each module. It is used by Apache to later identify the module in such directives as IfModule, which turn on or off processing of configuration directives based on whether or not the module is loaded.

After adding this line, exit the editor and run apachectl configtest. This will test the new configuration file and report back any errors so you can fix them before attempting to restart the server. If all went well, run apachectl restart to restart the web server. This will load ModSecurity which means the fun part of writing rules can soon begin!