Using Mod_Security to Protect Your Server
By: O'Reilly Media
    2008-10-09

    Table of Contents:
  • Using Mod_Security to Protect Your Server
  • Actions
  • PHP
  • Application Server Hardening



    (Page 1 of 4 )

    In this conclusion to a five-part series on securing your web server, we focus on mod_security. This article is excerpted from chapter four of Securing Ajax Applications: Ensuring the Safety of the Dynamic Web, written by Christopher Wells (O'Reilly, 2007; ISBN: 0596529317). Copyright © 2007 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

    Installation 

    You can get the mod_security packages using apt:

      apt-get install libapache2-mod-security
      a2enmod mod-security
      /etc/init.d/apache2 force-reload

    The file /etc/httpd/conf.d/mod_security.conf should now exist.

    Basic configuration

    mod_security.conf contains an example mod_security configuration. The example configuration has a lot of stuff in it that we may not need, so I recommend trimming the file down a bit and starting with the basics:

      <IfModule mod_security.c>

          # Turn the filtering engine On or Off
          SecFilterEngine On

          # Make sure that URL encoding is valid
          SecFilterCheckURLEncoding On

          # Unicode encoding check
          SecFilterCheckUnicodeEncoding Off

          # Only allow bytes from this range
          SecFilterForceByteRange 0 255

          # Only log actionable requests
          SecAuditEngine RelevantOnly

          # The name of the audit log file
          SecAuditLog /var/log/apache2/audit_log

          # Debug level set to a minimum
          SecFilterDebugLog /var/log/apache2/modsec_debug_log
          SecFilterDebugLevel 0

          # Should mod_security inspect POST payloads
          SecFilterScanPOST On

          # By default log and deny suspicious requests
          # with HTTP status 500
          SecFilterDefaultAction "deny,log,status:500"

          # Add custom secfilter rules here

      </IfModule>
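
    To check a deployed mod_security.conf against the baseline above, the following added example (not from the book or the mod_security project) parses the file's directives and reports any setting weaker than that baseline. The function names, the WARN/INFO labels and the sample `WEAK_CONFIG` are assumptions made for this illustration; when a directive appears more than once, the sketch keeps the last value it sees.

```python
import shlex

# On/Off directives and the values used in the configuration shown above.
BASELINE = {"secfilterengine": "on", "secfiltercheckurlencoding": "on",
            "secfilterscanpost": "on"}

def parse_directives(text):
    """Map lowercased directive name -> argument list (last occurrence kept)."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith(("#", "<")):   # skip comments, <IfModule>
            name, *args = shlex.split(line)            # shlex strips the quotes
            conf[name.lower()] = args
    return conf

def audit(text):
    """Return findings; WARN = weaker than the baseline, INFO = worth knowing."""
    conf = parse_directives(text)
    first = lambda name: (conf.get(name) or ["<missing>"])[0].lower()
    out = []
    for name, want in BASELINE.items():
        if first(name) != want:
            out.append(f"WARN {name}: expected {want}, found {first(name)}")
    if first("secauditengine") in ("off", "<missing>"):
        out.append("WARN secauditengine: audit logging is not enabled")
    actions = first("secfilterdefaultaction").split(",")
    for needed in ("deny", "log"):
        if needed not in actions:
            out.append(f"WARN secfilterdefaultaction: '{needed}' is not set")
    if conf.get("secfilterforcebyterange") == ["0", "255"]:
        out.append("INFO secfilterforcebyterange: 0 255 accepts every byte value")
    return out

# Constructed sample: a config where filtering was relaxed during debugging.
WEAK_CONFIG = """
<IfModule mod_security.c>
    SecFilterEngine On
    SecFilterCheckURLEncoding On
    SecFilterScanPOST Off
    SecAuditEngine Off
    SecFilterForceByteRange 0 255
    SecFilterDefaultAction "pass,log"
</IfModule>
"""

if __name__ == "__main__":
    for finding in audit(WEAK_CONFIG):
        print(finding)
```

    Run against the configuration from this page, the audit reports only the INFO line: a byte range of 0 255 places no restriction on request bytes.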

    From here, we can look at what actions we can configure.
