On 12/21/2013 10:09 PM, farid ridho wrote:
I'm going to make simple web application firewall like modsecurity. I want
to write apache module in C for filtering a web attack like SQL injection.
I put my web on http://localhost/vulweb my question is, when iam accessing
http://localhost/vulweb i want the apache module analysis the request
first, before continuing its to PHP website (if the request is not an
attack). Can anyone help me to explain how to make a module for this
purpose? and how to configure this module (sethandler, addhandler)??
PS: I have already know how to write helloworld apache module with C, and
run it through http://localhost/helloworld
Why?
You should be validating your information in PHP anyway, according to
exactly what is expected (you can't expect a general purpose module to
know that something which is valid on one page is invalid on another).
And if you validate your incoming data properly, you solve a lot more
potential problems than SQL injection.
It just seems to me you're going about this the wrong way - or trying to
take a short cut which doesn't really short cut anything - it just adds
a additional layer of unneeded complexity.
Jerry
