Step 1: Install ModSecurity
sudo apt install libapache2-mod-security2 -yStep 2: Enable Module
sudo a2enmod security2
sudo systemctl restart apache2Step 3: Configure Core Rules
sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sudo nano /etc/modsecurity/modsecurity.confChange:
SecRuleEngine OnStep 4: Install OWASP CRS
sudo git clone https://github.com/coreruleset/coreruleset /usr/local/coreruleset
sudo cp /usr/local/coreruleset/crs-setup.conf.example /usr/local/coreruleset/crs-setup.confStep 5: Include in Apache Config
sudo nano /etc/apache2/conf-available/security2.confAdd:
Include /usr/local/coreruleset/crs-setup.conf
Include /usr/local/coreruleset/rules/*.confStep 6: Restart Apache
sudo systemctl restart apache2