ModSecurity 2.5.
Prevent web application hacking with this easy to use guide.
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham : Packt Pub., 2009. |
Subjects: | |
Online access: | Full text |

Table of Contents:
- ModSecurity 2.5; ModSecurity 2.5; Credits; About the Author; About the Reviewers; Preface; What ModSecurity is; Why you need ModSecurity; What this book covers; What you need for this book; Who this book is for; Conventions; Reader feedback; Customer support; Errata; Piracy; Questions; 1. Installation and Configuration; Versions; Downloading; Checking the integrity of the downloaded source archive; Unpacking the source code; Required additional libraries and files; Compilation; Integrating ModSecurity with Apache; Configuration file; Completing the configuration; Testing your installation.
- Creating a simple ModSecurity rule; Disguising the web server signature; Summary; 2. Writing Rules; SecRule syntax; Variables and collections; The transaction collection; Storing data between requests; Examining several variables; Quotes: Sometimes you need them and sometimes you don't; Creating chained rules; Rule IDs; An introduction to regular expressions; Examples of regular expressions; More about regular expressions; Using @rx to block a remote host; Simple string matching; Matching numbers; More about collections; Counting items in collections.
- Filtering collection fields using a regular expression; Built-in fields; Transformation functions; Other operators; Set-based pattern matching with @pm and @pmFromFile; @pmFromFile; Performance of the phrase matching operators; Validating character ranges; Phases and rule ordering; Actions-what to do when a rule matches; Allowing requests; Blocking requests; Taking no action but continuing rule processing; Dropping requests; Redirecting and proxying requests; SecAction; Using the ctl action to control the rule engine; How to use the ctl action; Macro expansion; SecRule in practice.
- Blocking uncommon request methods; Restricting access to certain times of day; Detecting credit card leaks; Detecting credit card numbers; The Luhn algorithm and false positives; Tracking the geographical location of your visitors; GEO collection fields; Blocking users from specific countries; Load balancing requests between servers on different continents; Pausing requests for a specified amount of time; Executing shell scripts; Sending alert emails; Sending more detailed alert emails; Counting file downloads; Blocking brute-force password guessing; Injecting data into responses.
- Inspecting uploaded files; Summary; 3. Performance; A typical HTTP request; A real-world performance test; The core ruleset; Installing the core ruleset; Making sure it works; Performance testing basics; Using httperf; Getting a baseline: Testing without ModSecurity; Response time; Memory usage; CPU usage; ModSecurity without any loaded rules; ModSecurity with the core ruleset loaded; Response time; Memory usage; Finding the bottleneck; Wrapping up core ruleset performance; Optimizing performance; Memory consumption; Bypassing inspection of static content; Using @pm and @pmFromFile; Logging.