modsecurityhandbook英文版资源-CSDN文库

modsecurity

网络防火墙

需积分: 10 191 浏览量 2017-10-31 11:47:53 上传评论收藏 2.52MB PDF 举报

资源推荐

资源详情

资源评论

Ivan Ristic

MODSECURITY

HANDBOOK

The Complete Guide to Securing

Your Web Applications

Preview Release

Last update: Sat Jan 30 18:30:43 UTC 2010

iii
Table of Contents
Preface ...................................................................................................................  xv
Audience ........................................................................................................  xv
Contents of This Book ....................................................................................  xv
Updates .......................................................................................................... xv
Conventions ...................................................................................................  xv
Acknowledgements .........................................................................................  xv
I. User Guide ...........................................................................................................  1
1. Introduction ................................................................................................. 2
Brief History ............................................................................................  3
Understanding ModSecurity .....................................................................  4
What ModSecurity Does ........................................................................... 5
What Rules Look Like ..............................................................................  6
Transaction Lifecycle ................................................................................  7
Lifecycle Example .............................................................................  8
File Upload Example ......................................................................  11
Impact of ModSecurity on Web Server ..................................................... 12
Embedded vs. Reverse Proxy Mode .......................................................... 13
Missing from ModSecurity ...................................................................... 14
Resources ...............................................................................................  15
General Resources ..........................................................................  16
Developer Resources .......................................................................  17
Related Projects ..............................................................................  18
2. Installation .................................................................................................  19
Installation from Source .......................................................................... 20
Downloading Releases ..................................................................... 20
Downloading from Repository ........................................................  21
Compilation under Unix ................................................................. 23
Installation from Binaries ........................................................................ 27

iv
Fedora Core, CentOS, and Red Hat Enterprise Linux ......................... 27
Debian and Ubuntu ........................................................................ 27
Installation on Windows .........................................................................  28
3. Conﬁguration .............................................................................................  29
Folder Locations ..................................................................................... 30
Conﬁguration Layout .............................................................................. 32
Adding ModSecurity to Apache ...............................................................  33
Powering Up ..........................................................................................  34
Request Body Handling ..........................................................................  35
Response Body Handling ........................................................................  36
Filesystem Locations ...............................................................................  38
File Uploads ...........................................................................................  38
Debug Log .............................................................................................  39
Audit Log ............................................................................................... 39
Miscellaneous Options ............................................................................ 40
Default Rule Match Policy ....................................................................... 40
Handling Parsing Errors .......................................................................... 41
Verifying Installation ..............................................................................  42
4. Logging ...................................................................................................... 44
Debug Log .............................................................................................  44
Debugging in Production ................................................................ 45
Audit Log ............................................................................................... 47
Audit Log Entry Example ................................................................ 48
Concurrent Audit Log ..................................................................... 50
Remote Logging .....................................................................................  51
Conﬁguring Mlogc .........................................................................  53
Activating Mlogc ............................................................................  54
Troubleshooting Mlogc ...................................................................  56
File Upload Interception .........................................................................  57
Storing Files ...................................................................................  58
Inspecting Files ..............................................................................  58
Integrating with ClamAV ................................................................  60
Guardian Log .........................................................................................  61
Advanced Logging Conﬁguration ............................................................  62
Increasing Logging from a Rule .......................................................  62
Dynamically Altering Logging Conﬁguration .................................... 63
Removing Sensitive Data from Audit Logs ........................................  63
Selective Audit Logging ................................................................... 64
5. Rule Language Overview .............................................................................  66