How to install?
1. Login to your server through SSH and su to the root user.

2. First your going to start out by grabbing the latest version of mod_security
wget http://www.modsecurity.org/download/modsecurity-apache_1.9.5.tar.gz


3. Next we untar the archive and cd into the directory:
tar zxvf modsecurity-apache_1.9.5.tar.gz
cd modsecurity-apache_1.9.5.tar.gz

4. Now you need to determine which version of apache you use:
APACHE 1.3.x users
cd apache1/
APACHE 2.x users
cd apache2/

5. Lets Compile the module now:
/usr/local/apache/bin/apxs -cia mod_security.c

6. Ok, now its time to edit the httpd conf file. First we will make a backup just incase something goes wrong:
cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.backup

7. Now that we have backed it all up, we can edit the httpd.conf. Replace pico with nano depending on what you have
pico /usr/local/apache/conf/httpd.conf

8. Lets look for something in the config, do this by holding control and pressing W and you are going to search for

<IfModule mod_dir.c> (altho any of the IfModules would work fine)

9. Now add this

<IfModule mod_security.c>
    # Turn the filtering engine On or Off
    SecFilterEngine On

    # Change Server: string
    SecServerSignature " "

    # Make sure that URL encoding is valid
    SecFilterCheckURLEncoding On

    # This setting should be set to On only if the Web site is
    # using the Unicode encoding. Otherwise it may interfere with
    # the normal Web site operation.
    SecFilterCheckUnicodeEncoding Off

    # Only allow bytes from this range
    SecFilterForceByteRange 1 255

    # The audit engine works independently and
    # can be turned On of Off on the per-server or
    # on the per-directory basis. "On" will log everything,
    # "DynamicOrRelevant" will log dynamic requests or violations,
    # and "RelevantOnly" will only log policy violations
    SecAuditEngine RelevantOnly

    # The name of the audit log file
    SecAuditLog /var/log/httpd/audit_log

    # Should mod_security inspect POST payloads
    SecFilterScanPOST On

    # Action to take by default
    SecFilterDefaultAction "deny,log,status:500"

    # Require HTTP_USER_AGENT and HTTP_HOST in all requests
    SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

    # Prevent path traversal (..) attacks
    #SecFilter "../"

    # Weaker XSS protection but allows common HTML tags
    SecFilter "<[[:space:]]*script"

    # Prevent XSS atacks (HTML/Javascript injection)
    SecFilter "<(.|n)+>"

    # Very crude filters to prevent SQL injection attacks
    SecFilter "delete[[:space:]]+from"
    SecFilter "insert[[:space:]]+into"
    SecFilter "select.+from"

    # Protecting from XSS attacks through the PHP session cookie
    SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
    SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
</IfModule>

10. Save the file Ctrl + X then Y

11. Restart Apache

/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start

You've successfully installed mod_security!