How to Install MISP on Ubuntu 22.04

Estimated read time 3 min read

MISP, or Malware Information Sharing Platform, is an open-source threat intelligence platform used for gathering, sharing, storing, and correlating Indicators of Compromise of targeted attacks, threat intelligence, and even financial fraud information. This guide will take you through the installation of MISP on Ubuntu 22.04.

Step 1: Update Your System

Before you start, ensure your system package database is updated:

sudo apt update
sudo apt upgrade

Step 2: Install Required Dependencies

MISP requires several software dependencies to run properly. You can install these using the command:

sudo apt install curl git libapache2-mod-php php php-cli php-dev php-json php-mysql php-redis php-xml php-mbstring php-gd php-opcache php-readline mysql-client redis-server unzip python3-pip python3-dev python3-redis python3-setuptools mariadb-server mariadb-client -y

Step 3: Download MISP

Clone the MISP repository from GitHub to your preferred location:

cd /var/www
sudo git clone

Step 4: Set Up Database

Log into MariaDB (MySQL):

sudo mysql -u root -p

Then, create a database for MISP:

GRANT USAGE ON *.* TO misp@localhost IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON misp.* TO misp@localhost;

Replace ‘password’ with a strong password of your choice.

Step 5: Configure MISP

Navigate to the MISP directory and configure the installation:

cd /var/www/MISP
sudo cp -a INSTALL/apache.misp.ssl /etc/apache2/sites-available/misp.conf
sudo cp app/Config/bootstrap.default.php app/Config/bootstrap.php
sudo cp app/Config/database.default.php app/Config/database.php
sudo cp app/Config/core.default.php app/Config/core.php
sudo cp app/Config/config.default.php app/Config/config.php

Step 6: Install CakePHP

MISP uses the CakePHP framework. Install it and other components with the following commands:

sudo curl -s | php
sudo php composer.phar require kamisama/cake-resque:4.1.2
sudo php composer.phar config vendor-dir Vendor
sudo php composer.phar install

Step 7: Set Permissions and Enable Apache Mods

Finally, set the correct permissions, enable necessary Apache mods, and restart Apache:

sudo chown -R www-data:www-data /var/www/MISP
sudo chmod -R 750 /var/www/MISP
sudo chmod -R g+ws /var/www/MISP/app/tmp
sudo chmod -R g+ws /var/www/MISP/app/files
sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
sudo a2dismod status
sudo a2enmod ssl
sudo a2enmod rewrite
sudo a2enmod headers
sudo a2dissite 000-default
sudo a2ensite misp
sudo systemctl restart apache2

Now, open your web browser and navigate to your server’s domain name or IP address to complete the MISP installation.

Please note: These are high-level instructions, and the specifics may vary depending on your server configuration. Be sure to consult the MISP installation documentation for more detailed instructions and troubleshooting.

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author