没有合适的资源?快使用搜索试试~ 我知道了~
modsecurity handbook英文版
需积分: 10 15 下载量 191 浏览量
2017-10-31
11:47:53
上传
评论
收藏 2.52MB PDF 举报
温馨提示
试读
307页
modsecurity handbook完整版。包含了所有的动作以及使用场景分析,网络安全必看手册
资源推荐
资源详情
资源评论
Ivan Ristic
MODSECURITY
HANDBOOK
The Complete Guide to Securing
Your Web Applications
Preview Release
Last update: Sat Jan 30 18:30:43 UTC 2010
ModSecurity Handbook
Ivan Ristiæ
ModSecurity Handbook
by Ivan Ristiæ
Copyright © 2009, 2010 Ivan Ristiæ
iii
Table of Contents
Preface ................................................................................................................... xv
Audience ........................................................................................................ xv
Contents of This Book .................................................................................... xv
Updates .......................................................................................................... xv
Conventions ................................................................................................... xv
Acknowledgements ......................................................................................... xv
I. User Guide ........................................................................................................... 1
1. Introduction ................................................................................................. 2
Brief History ............................................................................................ 3
Understanding ModSecurity ..................................................................... 4
What ModSecurity Does ........................................................................... 5
What Rules Look Like .............................................................................. 6
Transaction Lifecycle ................................................................................ 7
Lifecycle Example ............................................................................. 8
File Upload Example ...................................................................... 11
Impact of ModSecurity on Web Server ..................................................... 12
Embedded vs. Reverse Proxy Mode .......................................................... 13
Missing from ModSecurity ...................................................................... 14
Resources ............................................................................................... 15
General Resources .......................................................................... 16
Developer Resources ....................................................................... 17
Related Projects .............................................................................. 18
2. Installation ................................................................................................. 19
Installation from Source .......................................................................... 20
Downloading Releases ..................................................................... 20
Downloading from Repository ........................................................ 21
Compilation under Unix ................................................................. 23
Installation from Binaries ........................................................................ 27
iv
Fedora Core, CentOS, and Red Hat Enterprise Linux ......................... 27
Debian and Ubuntu ........................................................................ 27
Installation on Windows ......................................................................... 28
3. Configuration ............................................................................................. 29
Folder Locations ..................................................................................... 30
Configuration Layout .............................................................................. 32
Adding ModSecurity to Apache ............................................................... 33
Powering Up .......................................................................................... 34
Request Body Handling .......................................................................... 35
Response Body Handling ........................................................................ 36
Filesystem Locations ............................................................................... 38
File Uploads ........................................................................................... 38
Debug Log ............................................................................................. 39
Audit Log ............................................................................................... 39
Miscellaneous Options ............................................................................ 40
Default Rule Match Policy ....................................................................... 40
Handling Parsing Errors .......................................................................... 41
Verifying Installation .............................................................................. 42
4. Logging ...................................................................................................... 44
Debug Log ............................................................................................. 44
Debugging in Production ................................................................ 45
Audit Log ............................................................................................... 47
Audit Log Entry Example ................................................................ 48
Concurrent Audit Log ..................................................................... 50
Remote Logging ..................................................................................... 51
Configuring Mlogc ......................................................................... 53
Activating Mlogc ............................................................................ 54
Troubleshooting Mlogc ................................................................... 56
File Upload Interception ......................................................................... 57
Storing Files ................................................................................... 58
Inspecting Files .............................................................................. 58
Integrating with ClamAV ................................................................ 60
Guardian Log ......................................................................................... 61
Advanced Logging Configuration ............................................................ 62
Increasing Logging from a Rule ....................................................... 62
Dynamically Altering Logging Configuration .................................... 63
Removing Sensitive Data from Audit Logs ........................................ 63
Selective Audit Logging ................................................................... 64
5. Rule Language Overview ............................................................................. 66
剩余306页未读,继续阅读
资源评论
zdd2399091
- 粉丝: 1
- 资源: 1
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 电子万年历软件仿真(经过多次修改,保证正确性)
- Unity XR 手势射击控制脚本(适用于任何可手势识别的设备)
- 机械设计全自动电表(NB和IC卡表)控制和上壳装配线sw16可编辑非常好的设计图纸100%好用.zip
- 基于matlab的EAN-13条形码识别系统GUI界面.zip代码53
- matlab基于bp神经网络交通信号标志识别GUI界面13个标志.zip代码54
- 电子万年历答辩实物展示视频mp4格式
- 基于python实现的程序,包括哈希感知算法cvHash,图像切割cvsplit,固定目标检测cvRec(附文档ppt)等
- 计算0-10000之间所有偶数的和
- multiled.zip
- 基于php实现的哈希算法的人脸检索
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功