Debian/Ubuntu Tips and Tricks

Debuntu

Debian/Ubuntu Tips and Tricks

Secure your Apache2 with mod-security — page 3

Posted by chantra on 13th August 2006

This entry is part 3 of 3 in the series Secure your Apache2 with mod-security

4. mod-security filter examples:

Suppose for instance you want to prevent attackers injecting shell command execution through your scripts. You could use this query in order to block anything containing /bin/:

Read the rest of this entry »

Tags: ,
Posted in Administration, HowTo, HTTP | No Comments »

Secure your Apache2 with mod-security — page 2

Posted by chantra on 13th August 2006

This entry is part 2 of 3 in the series Secure your Apache2 with mod-security

3. Adding Filtering Rules:

mod-security can take two kinds of filters:

  • Simple Filters: SecFilter directive
  • Advance Filters: SecFilterSelective directive

Read the rest of this entry »

Tags: ,
Posted in Administration, HowTo, HTTP | No Comments »

Secure your Apache2 with mod-security

Posted by chantra on 13th August 2006

This entry is part 1 of 3 in the series Secure your Apache2 with mod-security

This article will show how-to install, configure and set up apache's mod-security module on a debian based system. This was done on Ubuntu Dapper and should fit any Debian based system.

Mod_security is an Apache 1.x/2.x module whose purpose is to tighten the Web application security by shielding the applications from attack. The idea is to filter request and web content before passing it to apache core.

Once installed, mod-security needs to be defined some rules matching patterns, filter request and HTTP stream and in the end do different actions like allowing, denying, log...

Effectively, it is an intrusion detection and/or prevention system for apache web server.

Read the rest of this entry »

Tags: ,
Posted in Administration, HowTo, HTTP | No Comments »