[Owasp-Malaysia] How to test mod_security

Muzamir Mokhtar muzamir at pahang.gov.my
Sun Sep 5 02:29:42 EDT 2010


Salam,

I have setup mod_security in my httpd.
I have use rules from owasp.
I have enable the rules and use the default ruleset.
I have enable audit log.

Question :
1) How do i know my mod_security is working properly?
2) Is there any additional modification i need to do in order to block  
the vulnerable attack such as sql injection, xss, spam comment and  
others.

Please do advice me on this.

-- 
Muzamir bin Mokhtar,
Pegawai Teknologi Maklumat (F44)
Unit Operasi
Bahagian Teknologi Maklumat
Pej SUK Pahang
TEL : 095129424/425
FAX : 095163490
http://muzzoshah.blogspot.com
http://muzzotechspot.blogspot.com


----------------------------------------------------------------
DISCLAIMER:
This e-mail and the attachment is from State Government of Pahang,  
Malaysia. It is intended solely for the person to whom they are  
addressed and may be confidential and privileged. If you are not the  
intended recipient, you are notified that disclosing, distributing,  
copying or taking any action in reliance of the content of this  
information is strictly prohibited. Please notify the sender  
immediately if you have received this e-mail and delete it from your  
system. The recipient should check the e-mail and any attachment for  
the presence of viruses that could be transmitted via e-mail. Email  
transmission cannot be guaranteed to be secure or error free as  
information could be intercepted, corrupted, lost, destroyed,  
incomplete or contain viruses. State Government of Pahang, Malaysia  
accepts no liability for any errors or omissions in the contents of  
this message which arises as a result of e-mail transmission.  
Opinions, conclusions and other information in this e-mail that does  
not relate to the official business of State Government of Pahang,  
Malaysia shall be understood as neither given nor endorsed by State  
Government of Pahang, Malaysia.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the Owasp-Malaysia mailing list