
Using Mod_Security to Protect Your Server


In this conclusion to a five-part series on securing your web server, we focus on mod_security. This article is excerpted from chapter four of Securing Ajax Applications: Ensuring the Safety of the Dynamic Web, written by Christopher Wells (O'Reilly, 2007; ISBN: 0596529317). Copyright © 2007 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

Author Info:
By: O'Reilly Media
October 09, 2008
Using Mod_Security to Protect Your Server - Actions
(Page 2 of 4)

Table 4-1 lists the most important actions mod_security can apply to an event caught by the filtering ruleset.

Table 4-1. mod_security filtering rulesets

Action       Description
allow        Skip remaining rules and allow the matching request.
auditlog     Write request to the audit log.
chain        Chain the current rule with the rule that follows.
deny         Deny the request.
exec         Execute (launch) an external script or process as a result of this request.
log          Log the request (Apache error_log and audit log).
msg          Message that will appear in the log.
noauditlog   Do not log the match to the audit log.
nolog        Do not log the match to any log.
pass         Proceed to next rule.
redirect     If request is denied then redirect to this URL.
status       Use the supplied status codes if a request is denied.

Now, we can configure a few basic rules specific to our environment that enable mod_security to protect our applications.

Filters

Let’s say some of our applications pass parameters around that may end up in our MySQL database. Let’s also say we were lazy and did not positively validate those fields before trying to INSERT them into the database. Then, some wily hacker comes along and tries to perform a SQL injection attack.

So, how does this really work? With mod_security’s filters we can write rules that look for these kinds of attacks:

  # Match SQL statements that should not appear in request data
  SecFilter "drop[[:space:]]table"
  SecFilter "select.+from"
  SecFilter "insert[[:space:]]+into"
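
To see how broadly these patterns match before enforcing them, the following added example (not from the book or from mod_security) approximates the three filters in Python and runs them over constructed query strings. The function names, the sample inputs, and the assumptions that matching is case-insensitive and applied after URL decoding belong to this example.

```python
import re
from urllib.parse import unquote_plus

# The three SecFilter patterns discussed in the article
# (POSIX regex syntax, whitespace-trimmed).
PAGE_FILTERS = [
    "drop[[:space:]]table",
    "select.+from",
    "insert[[:space:]]+into",
]

def compile_filter(posix_pattern):
    """Translate the one POSIX class used above into Python regex syntax."""
    # Assumption: patterns are matched case-insensitively.
    return re.compile(posix_pattern.replace("[[:space:]]", r"\s"), re.IGNORECASE)

def matching_filters(raw_query, filters=PAGE_FILTERS):
    """Return the patterns that would fire on a URL-encoded query string."""
    # Assumption: URL decoding approximates the request normalization step.
    decoded = unquote_plus(raw_query)
    return [p for p in filters if compile_filter(p).search(decoded)]

# Constructed sample query strings, each paired with the verdict we expect.
SAMPLES = [
    ("id=42&sort=name", False),
    ("note=1%3B+DROP+TABLE+users", True),
    ("q=insert%20into%20orders", True),
    ("comment=select+a+gift+from+our+catalog", False),  # benign prose
]

def regression_report(samples=SAMPLES):
    """Return (query, fired, verdict) rows; verdict flags rule-quality problems."""
    report = []
    for query, expect_block in samples:
        fired = matching_filters(query)
        if bool(fired) == expect_block:
            verdict = "ok"
        else:
            verdict = "false positive" if fired else "missed"
        report.append((query, fired, verdict))
    return report

if __name__ == "__main__":
    for query, fired, verdict in regression_report():
        print(f"{verdict:15} {query!r} -> {fired}")
```

The last sample is ordinary prose, yet select.+from fires on it, which is why rules this broad are worth running against representative traffic in log-only mode before deny is applied.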

Resources

Ivan Ristic has provided a thorough primer on mod_security in his book Apache Security (O’Reilly). Go pick up a copy and have a look. I also highly recommend a visit to the site http://www.modsecurity.org/ if you intend to use mod_security. There you will find documentation, tools, and additional downloads.
