mod_security not working at all

Solution 1:

Need more information to be able to help (all the relevant apache config from httpd.conf and modsecurity.conf).

However here's some pointers which might help you solve your issue yourself:

Are you using the correct IfModule command? I use mod_security2.c but not sure if that matters:

<IfModule mod_security2.c>
    Include conf/modsecurity.conf
</IfModule>

Have you tried stopping and starting Apache completely (not a graceful restart)?

Is there anything in the error logs after a full stop and restart. It should have some [:notice] entries like this:

ModSecurity for Apache/2.9.0 (http://www.modsecurity.org/) configured.
ModSecurity: APR compiled version="1.5.0"; loaded version="1.5.0"
...etc.

That shows ModSecurity has loaded.

Are there any PCRE errors in the error log file (which can happen if ModSecurity was compiled with a different version of PRCE than Apache)? Run an ldd command against httpd and the mod_security.so to make sure they match. As an FYI I do NOT get any security modules showing when I run that "httpd -M" command on my working version - I think because it's not loaded unless an Include is run.

Is the debug log being created but empty? If it's created then that's a good sign that ModSecurity itself is being loaded.

Are your Apache settings all in /etc/httpd/conf directory like that guide you used is suggesting? Not unknown to have several version's of Apache installed and the one you're editting the config for is not the one being used :-)

I recommend Ivan Ristic's ModSecurity handbook, a taster of which is available free: https://www.feistyduck.com/library/modsecurity-handbook-free/ and this covers installation. Ivan originally wrote ModSecurity so I'd recommend buying the whole book. It's a couple of versions behind but still mostly relevant. Main change not covered by book is that a rule id is now mandatory.