Would you like to learn how to install Modsecurity on IIS? In this tutorial, we are going to show you how to install the Modsecurity feature on the IIS server.
• Windows 2012 R2
• Windows 2016
• Windows 2019
• ModSecurity 2.9.3
Hardware List:
The following section presents the list of equipment used to create this tutorial.
Every piece of hardware listed above can be found at Amazon website.
Windows Tutorial:
On this page, we offer quick access to a list of Windows tutorials.
Tutorial IIS – Modsecurity installation
Access the Microsoft website and download the package named Visual Studio 2013 Runtime.
Perform the Visual Studio 2013 installation.
Download the Modsecurity installation package.
Perform the Modsecurity installation on the IIS server.
Select the option to automatically configure the Modsecurity as an IIS module.
Advance until the Modsecurity installation is finished.
In our example, the Modsecurity was installed on the following directory.
Use the Wordpad application to edit the ModSecurity configuration file.
Locate the following line.
Change this line and save the configuration.
As Administrator, start an elevated command-line prompt.
Give the account named IIS_IUSRS permission over the IIS server directory named TEMP.
Start the application named: IIS Manager.
On the IIS Manager application, select your IIS server name.
On the right part of the screen, select the option to restart the IIS service.
On the IIS server, open your browser and enter the IP address of your web server.
In our example, the following URL was entered in the Browser:
• http://127.0.0.1
The HTTP page should be presented.
Case Modsecurity detects an issue with a request, the user will receive an error 403 message.
Congratulations! You successfully installed the Modsecurity on the IIS server.
