modsecurity
天天向上_好好学习
这个作者很懒,什么都没留下…
展开
-
Apache安装配置ModSecurity
http://www.2cto.com/Article/201212/174729.html1、安装LAMP和编译环境 环境说明 #Apache 2.2.5#Mysql 5.1.6#Centos 6.0安装apache+php+mysql #yum -y install httpd php mysql mys转载 2013-02-19 11:44:15 · 3668 阅读 · 0 评论 -
Modsecurity原理分析--从防御方面谈WAF的绕过(一)
0x00 背景知识一说到WAF,在我们安全工作者,或者作为普通的白帽子来说,就很头疼,因为好多时候,我们发到服务端的恶意流量都被挡掉了,于是就产生了各种绕“WAF”的话题,绕来绕去,也就无非那么多种,而且大多都是基于URLDecode的方式。虽然我的文章也会讲绕过,虽然也是那么几种,但是我会从防御的方面展示WAF规则的强大。笔者再次强调,如果你只是想学习WAF的绕过转载 2014-11-10 13:20:53 · 4742 阅读 · 0 评论 -
ModSecurity Advanced Topic of the Week: Detecting Malware with Fuzzy Hashing
In the most recent release of ModSecurity v2.9.0-RC1, we introduced a new operator called @fuzzyHash which uses functionality from the ssdeep tool. This blog post will demonstrate a powerful us转载 2015-01-14 10:12:25 · 1652 阅读 · 0 评论 -
ModSecurity Performance Recommendations
Sometimes we see ModSecurity users asking about performancein the mail-list. During this post I will talk about some important topics toimprove ModSecurity performance. 1 – HTTP Caching and Accelera转载 2015-01-04 11:08:43 · 677 阅读 · 0 评论