modsecurity
美了美了
java python
展开
-
modsecurity系列四:规则实战2
Unconditional rules无条件规则The actions you specify in a SecRule execute when a match occurs, but you can use the SecAction directive to do something unconditionally. This directive accepts only one p翻译 2016-04-25 18:22:39 · 3448 阅读 · 0 评论 -
modsecurity系列五:白名单
Whitelisting mechanicsWhitelisting rules need to be executed before all your other detection rules, which means they should always follow your configuration and system rules. It is a good idea to ha翻译 2016-04-26 14:45:29 · 2341 阅读 · 0 评论 -
modsecurity系列一:简介
SecRule VARIABLES OPERATOR ACTIONSThe three parts have the following meanings:1. The VARIABLES part tells ModSecurity where to look. The ARGS variable, used in theexample, means all request para翻译 2016-04-18 17:40:19 · 1962 阅读 · 0 评论 -
modsecurity系列二:主文件配置
Main configuration directives主要的有如下几个:SecArgumentSeparator Sets the application/x-www-form-urlencoded parameter separatorSecCookieFormat Sets the cookie parser versionSecDataDir Sets the folde翻译 2016-04-19 15:03:10 · 1102 阅读 · 0 评论 -
modsecurity系列三:规则2-Operators
OperatorsIn the examples so far the assumption was that we are always going to use regular pattern matching against input. While regular expressions are very useful, there are often times when you w翻译 2016-04-20 11:58:11 · 992 阅读 · 0 评论 -
modsecurity系列三:规则1-Variables
The Rule Language is implemented using 9 directives规则语言如下:SecAction Performs an unconditional action. This directive is essentially a rule that alwaysmatches.SecDefaultAction Specifies the def翻译 2016-04-19 18:51:08 · 1217 阅读 · 0 评论 -
modsecurity系列三:规则3-Actions
ActionsActions make ModSecurity tick. They make it possible to react to events and, more importantly,they are the glue that hold everything else together and make the advanced features possible. T翻译 2016-04-20 16:25:35 · 1332 阅读 · 0 评论 -
modsecurity系列四:规则实战1
Introducing simple rules and operators介绍简单的规则和操作The simplest possible rule will specify only a variable and a regular expression. In the example that follows, we look at the request URI, trying to翻译 2016-04-22 17:16:08 · 2063 阅读 · 0 评论 -
Modsecurity白名单
SecRule REMOTE_ADDR "@streq 192.168.1.1" phase:1,t:none,nolog,allowSecRule REMOTE_ADDR "@rx ^192\.168\.1\.(1|5|10)$" phase:1,t:none,nolog,allowSecRule REMOTE_ADDR "@streq 192.168.1.1"原创 2016-05-31 15:54:07 · 1789 阅读 · 0 评论