Just to share, ModSecurity rules depend on which version we use, either 1.x or 2.x. Rules for mod_security 1.x cannot be used with mod_security 2.x, and vice versa. So, choose which version of mod_security you want, then search for the rules that are needed. The problem comes if you install the latest version of mod_security, 2.x, but when you search for rules, there are many rules and tutorials for 1.x. Hope this note helps.

And mod_security consumes resources. You will see a slightly slower response from your web server after installing it. So you have to choose your rules. Either you start from an empty rule set, then add the rules that you want, or start with a complete rule set, which will definitely have false positives and slow your web response. Still, after installing, monitor for false positives, until at a certain point you have a good set of rules to rely on, according to your needs (how your web app works). Keep it for other installations :)

Additional resource for mod_sec rules:
http://www.gotroot.com/mod_security+rules

---------------------------------------------------------------------
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5657D74E
---------------------------------------------------------------------

2011/6/16 Harisfazillah Jamel <[email protected]>

> Thanks Muzzo
>
> For the easy-to-understand guide.
>
> http://muzzotechspot.blogspot.com/2011/06/how-to-use-mod-security-in-httpd.html
>
> Further reading
>
> https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
>
> Mod_security official website
>
> http://www.modsecurity.org/
>
> An old guide, but still usable
>
> http://www.howtoforge.com/apache_mod_security
>
> Mod_security is a powerful tool and, like any powerful tool, it
> requires in-depth knowledge of httpd and the application to be
> defended.
>
> --
> Malaysia Open Source Software Conference 2011
> MOSC2011 http://www.mosc.my/
>
> Milking the Cloud Competition for MOSC2011
> http://www.mosc.my/articles/item/7-milking-the-cloud-competition-for-mosc2011
>
> LinuxMalaysia Network
> http://www.facebook.com/Bukan.Sekadar.Internet.Sahaja
>
> Harisfazillah Jamel
> _______________________________________________
> OWASP-Malaysia mailing list
> [email protected]
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
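
Added example, not part of the original email: a small Python check that tells whether a downloaded rule file is written for mod_security 1.x or 2.x before it is loaded, based on the directive names it uses. The directive lists are a partial subset assumed for this sketch, and the sample rules and the rule id are constructed.

```python
import re

# Partial, assumed subset of directive names for this sketch.
V1_PREFIX = "SecFilter"  # 1.x style: SecFilter, SecFilterSelective, SecFilterEngine
V2_DIRECTIVES = {"SecRule", "SecRuleEngine", "SecAction", "SecDefaultAction",
                 "SecMarker", "SecRequestBodyAccess", "SecResponseBodyAccess",
                 "SecRuleRemoveById"}
DIRECTIVE_RE = re.compile(r"^\s*(Sec[A-Za-z0-9]+)\b")

# Constructed sample rule files (not taken from any published rule set).
SAMPLE_V1 = r'''SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterSelective ARGS "<script"
'''
SAMPLE_V2 = r'''SecRuleEngine DetectionOnly
SecRule ARGS "@rx <script" \
    "id:100001,phase:2,log,deny,status:403"
'''

def classify_rules(text):
    """Return {'1.x': [(lineno, directive)], '2.x': [...]} for a rule file."""
    found = {"1.x": [], "2.x": []}
    continued = False
    for lineno, line in enumerate(text.splitlines(), 1):
        is_continuation = continued
        continued = line.rstrip().endswith("\\")  # backslash joins the next line
        if is_continuation or line.lstrip().startswith("#"):
            continue
        match = DIRECTIVE_RE.match(line)
        if not match:
            continue
        name = match.group(1)
        if name.startswith(V1_PREFIX):
            found["1.x"].append((lineno, name))
        elif name in V2_DIRECTIVES:
            found["2.x"].append((lineno, name))
    return found

def verdict(text):
    """'1.x', '2.x', 'mixed' (do not load as is) or 'unknown'."""
    found = classify_rules(text)
    has_v1, has_v2 = bool(found["1.x"]), bool(found["2.x"])
    if has_v1 and has_v2:
        return "mixed"
    return "1.x" if has_v1 else "2.x" if has_v2 else "unknown"

if __name__ == "__main__":
    for label, sample in (("sample A", SAMPLE_V1), ("sample B", SAMPLE_V2)):
        print(label, "->", verdict(sample))
```

The 2.x sample uses `SecRuleEngine DetectionOnly`, which logs matches without blocking and suits the false-positive monitoring period described above.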

