diff --git a/include/apache.sh b/include/apache.sh
index d765a01..2ad97cd 100644
--- a/include/apache.sh
+++ b/include/apache.sh
@@ -34,7 +34,7 @@ install_apache(){
 
     log "Info" "Starting to install dependencies packages for Apache..."
     local apt_list=(openssl libssl-dev libxml2-dev lynx lua-expat-dev)
-    local yum_list=(zlib-devel openssl-devel libxml2-devel lynx expat-devel lua-devel)
+    local yum_list=(zlib-devel openssl-devel libxml2-devel lynx expat-devel lua-devel lua)
     if check_sys packageManager apt; then
         for depend in ${apt_list[@]}; do
             error_detect_depends "apt-get -y install ${depend}"
@@ -190,6 +190,7 @@ EOF
     sed -i -r 's/^#(.*mod_actions.so)/\1/' ${apache_location}/conf/httpd.conf
     sed -i -r 's/^#(.*mod_speling.so)/\1/' ${apache_location}/conf/httpd.conf
     sed -i -r 's/^#(.*mod_userdir.so)/\1/' ${apache_location}/conf/httpd.conf
+    sed -i -r 's/^#(.*mod_unique_id.so)/\1/' ${apache_location}/conf/httpd.conf
 
     echo "ProtocolsHonorOrder On" >> ${apache_location}/conf/httpd.conf
     echo "Protocols h2 http/1.1" >> ${apache_location}/conf/httpd.conf
@@ -230,6 +231,7 @@ EOF
 
 install_apache_modules(){
     if_in_array "${mod_wsgi_filename}" "${apache_modules_install}" && install_mod_wsgi
+    if_in_array "${mod_security_filename}" "${apache_modules_install}" && install_mod_security
     if_in_array "${mod_jk_filename}" "${apache_modules_install}" && install_mod_jk
 }
 
@@ -268,3 +270,22 @@ install_mod_jk(){
     fi
     log "Info" "${mod_jk_filename} install completed..."
 }
+
+install_mod_security(){
+    cd ${cur_dir}/software/
+    log "Info" "${mod_security_filename} install start..."
+    download_file "${mod_security_filename}.tar.gz"
+    tar zxf ${mod_security_filename}.tar.gz
+    cd ${mod_security_filename}
+
+    error_detect "./configure --prefix=${depends_prefix} --with-apxs=${apache_location}/bin/apxs --with-apr=${apache_location}/bin/apr-1-config --with-apu=${apache_location}/bin/apu-1-config"
+    error_detect "make"
+    error_detect "make install"
+    chmod 755 ${apache_location}/modules/mod_security2.so
+    # add mod_security to httpd.conf
+    if [[ `grep -E -c "^\s*LoadModule security2_module modules/mod_security2.so" ${apache_location}/conf/httpd.conf` -eq 0 ]]; then
+        lnum=$(sed -n '/LoadModule/=' ${apache_location}/conf/httpd.conf | tail -1)
+        sed -i "${lnum}aLoadModule security2_module modules/mod_security2.so" ${apache_location}/conf/httpd.conf
+    fi
+    log "Info" "${mod_security_filename} install completed..."
+}
diff --git a/include/config.sh b/include/config.sh
index 31456ae..33af3b7 100644
--- a/include/config.sh
+++ b/include/config.sh
@@ -80,6 +80,9 @@ mod_wsgi_filename="mod_wsgi-4.5.24"
 #mod_jk
 mod_jk_filename="tomcat-connectors-1.2.42-src"
 set_hint ${mod_jk_filename} "mod_jk-1.2.42"
+#mod_security
+mod_security_filename="modsecurity-2.9.2"
+set_hint ${mod_security_filename} "mod_security-2.9.2"
 #mhash
 mhash_filename="mhash-0.9.9.9"
 #libmcrypt
@@ -148,6 +151,7 @@ do_not_install
 
 apache_modules_arr=(
 ${mod_wsgi_filename}
+${mod_security_filename}
 ${mod_jk_filename}
 do_not_install
 )
diff --git a/include/upgrade_apache.sh b/include/upgrade_apache.sh
index 7142e0c..9540516 100644
--- a/include/upgrade_apache.sh
+++ b/include/upgrade_apache.sh
@@ -107,6 +107,9 @@ upgrade_apache(){
         if [ -f ${apache_location}.bak/modules/mod_jk.so ]; then
             cp -pf ${apache_location}.bak/modules/mod_jk.so ${apache_location}/modules/
         fi
+        if [ -f ${apache_location}.bak/modules/mod_security2.so ]; then
+            cp -pf ${apache_location}.bak/modules/mod_security2.so ${apache_location}/modules/
+        fi
 
         log "Info" "Clear up start..."
         cd ${cur_dir}/software