{"id":868,"date":"2010-01-29T16:11:06","date_gmt":"2010-01-29T23:11:06","guid":{"rendered":"http:\/\/www.laurenwood.org\/anyway\/?p=868"},"modified":"2010-01-29T16:11:06","modified_gmt":"2010-01-29T23:11:06","slug":"more-mod_security","status":"publish","type":"post","link":"https:\/\/www.laurenwood.org\/anyway\/2010\/01\/more-mod_security\/","title":{"rendered":"More mod_security"},"content":{"rendered":"<p>After I wrote my piece about <a href=\"http:\/\/www.laurenwood.org\/anyway\/2009\/12\/lynx-and-mod_security\/\">mod_security<\/a>, the people at <a href=\"http:\/\/www.packtpub.com\/\">Packt Publishing<\/a> offered me a copy of their book <a href=\"http:\/\/www.packtpub.com\/modsecurity-2-5\/book\">ModSecurity 2.5<\/a>, with the proviso that I review it. This sounded like a reasonable idea to&nbsp;me.<\/p>\n<p>Overall, I would recommend the book to people who are running Apache and need to know more about relatively simple ways to add security to their web sites. The book motivates the use of mod_security and convinced me that anyone hosting a web site should have it installed, ready to deal with any problems you encounter. The book goes through common scenarios and what mod_security can do to deal with them, including recent events such as an attack on Twitter in April 2009. All the examples are explained clearly, and the rule configurations will look familiar if you\u2019ve had some practice writing either RewriteEngine directives or httpd.conf vhost configurations. 
It also shows how to send alert emails or count the number of times a file has been downloaded, which I thought were nice additions.&nbsp;<\/p>\n<p>As is the case with any security system, there are layers upon layers of things you can do, and the book includes quite a few that I think are overkill unless you suspect you\u2019re being targeted for some reason (such as financial or controversial sites). If you do have one of those sites, the chapter on blocking common attacks alone could save a lot of pain. Many of the common attacks are covered (<span class=\"caps\">SQL<\/span> injection, <span class=\"caps\">XSS<\/span>, etc.), along with ways to combat&nbsp;them.&nbsp;<\/p>\n<p>The book includes instructions on installing a couple of <span class=\"caps\">GUI<\/span> tools to help monitor incidents; I didn\u2019t have time to install all of these given the OpenSolaris\/Linux differences and it\u2019s less important for me given the fact I\u2019m not running sites that are likely to be attacked (my high-bandwidth sites are on commercial hosting). If you\u2019re running important web sites, you\u2019d probably want to set up these tools to work properly to save hunting through log files yourself.<\/p>\n<p>I tested a few things out on the OpenSolaris box in the basement; getting it installed was a little different to the book (which is written mostly assuming a Linux web&nbsp;stack).<\/p>\n<p>mod_security is installed with the 2009.06 version of the OpenSolaris web stack, but not active. To activate: <code>pfexec cp \/etc\/apache2\/2.2\/samples-conf.d\/security2.conf \/etc\/apache2\/2.2\/conf.d\/security2.conf<\/code>. 
Restart the server with <code>svcadm restart apache22<\/code> and check that mod_security is installed by seeing if the logs are available under \/var\/apache2\/2.2\/logs. You can also check if the module is loaded by creating and executing a phpinfo file.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After I wrote my piece about mod_security, the people at Packt Publishing offered me a copy of their book ModSecurity 2.5, with the proviso that I review it. This sounded like a reasonable idea to&nbsp;me. Overall, I would recommend the book to people who are running Apache and need to know more about relatively simple \u2026 <a href=\"https:\/\/www.laurenwood.org\/anyway\/2010\/01\/more-mod_security\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> \u201cMore mod_security\u201d<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"","activitypub_status":"","footnotes":""},"categories":[6],"tags":[],"class_list":["post-868","post","type-post","status-publish","format-standard","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/868","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-js
on\/wp\/v2\/comments?post=868"}],"version-history":[{"count":28,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/868\/revisions"}],"predecessor-version":[{"id":893,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/868\/revisions\/893"}],"wp:attachment":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/media?parent=868"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/categories?post=868"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/tags?post=868"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}