[OWASP-Malaysia] Bagaimana Hendak Gunakan Mod_security - Muzzo

Farhan Faisal farhanfaisal at gmail.com
Thu Jun 16 14:07:23 EDT 2011


Just to share,

ModSecurity rules ni depend ikut what version we use, either 1.x or 2.x.
Rules for mod_security 1.x cannot be used with mod_security2.x, and vice
versa. So, choose which version of mod_security u want, then search for
rules yang needed. The problem come if u install the latest version of
mod_security, 2.x, tapi when u search for rules, ada banyak rules and
tutorial for 1.x. Hope this note will helps.

And mod_security consume resource. U will see abit slow response from your
webserver lepas install. So, kena pilih rules la. Either u start from empty
rule, then add rules that u want, or start with complete rule, which mmg
confirm akan ada false positive, dan slowing your web response.

Still, lpas install, monitor for false positive, until at certain point, u
have a good set of rule to rely on, according to your need la (how your
web-app work). Keep it for other installations :)

Additional resource for mod_sec rule
http://www.gotroot.com/mod_security+rules

---------------------------------------------------------------------
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5657D74E
---------------------------------------------------------------------


2011/6/16 Harisfazillah Jamel <linuxmalaysia at gmail.com>

> Thanks Muzzo
>
> Untuk panduan yang senang difahami.
>
>
> http://muzzotechspot.blogspot.com/2011/06/how-to-use-mod-security-in-httpd.html
>
>
> Bacaan tambahan
>
>
> https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
>
> Mod_security Official website
>
> http://www.modsecurity.org/
>
> Panduan lama tapi boleh digunakan lagi
>
> http://www.howtoforge.com/apache_mod_security
>
> Mod_security adalah tool yang power dan sebagaimana tool yang power ia
> perlukan pengetahuan mendalam mengenai httpd dan aplikasi yang hendak
> dipertahankan.
>
>
> --
> Malaysia Open Source Software Conference 2011
> MOSC2011 http://www.mosc.my/
>
> Milking the Cloud Competition for MOSC2011
>
> http://www.mosc.my/articles/item/7-milking-the-cloud-competition-for-mosc2011
>
> LinuxMalaysia Network
> http://www.facebook.com/Bukan.Sekadar.Internet.Sahaja
>
> Harisfazillah Jamel
> _______________________________________________
> OWASP-Malaysia mailing list
> OWASP-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20110617/fb19bff9/attachment.html 


More information about the OWASP-Malaysia mailing list