mod_security for Apache.
Something I have screwing around with lately is mod_security and I have to say I like it. It adds a lot of usefull features to Apache such as extended logging and filtering. I especially like the filtering. You can even set it up to block URLs that could be a security risk. Based on word matching like this:
SecFilter "!php"
or pattern matching :
SecFilter "<[[:space:]]>*script"
or even SQL like this:
SecFilter "delete[.*]from[[:spce:]]*"
It's possilbe to filter out stuff you don't want to, so use discretion when creating them. Used properly this can be a really nice tool. There is much more to mod_security than said here. If you run a Apache web server you should check it out.
Once set up, use Nikto to run a vulneribility scan against your machine. See how it goes, I would expect it do better under those conditions.
More info can be found here:
mod_security
Nikto
SecFilter "!php"
or pattern matching :
SecFilter "<[[:space:]]>*script"
or even SQL like this:
SecFilter "delete[.*]from[[:spce:]]*"
It's possilbe to filter out stuff you don't want to, so use discretion when creating them. Used properly this can be a really nice tool. There is much more to mod_security than said here. If you run a Apache web server you should check it out.
Once set up, use Nikto to run a vulneribility scan against your machine. See how it goes, I would expect it do better under those conditions.
More info can be found here:
mod_security
Nikto
0 Comments:
Post a Comment
<< Home