December 2012
Intermediate to advanced
552 pages
13h 16m
English
Content preview from Web Application Defender's CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Recipe 1-3: Installing the OWASP ModSecurity Core Rule Set (CRS)
This recipe shows you how to install and quickly configure the web application attack detection rules from the OWASP ModSecurity CRS. When this book was written, the CRS version was 2.2.5. Note that the rule logic described in this recipe may change in future versions of the CRS.
Ingredients
- OWASP ModSecurity CRS version 2.2.54
- modsecurity_crs_10_setup.conf
- modsecurity_crs_20_protocol_violations.conf
- modsecurity_crs_21_protocol_anomalies.conf
- modsecurity_crs_23_request_limits.conf
- modsecurity_crs_30_http_policy.conf
- modsecurity_crs_35_bad_robots.conf
- modsecurity_crs_40_generic_attacks.conf
- modsecurity_crs_41_sql_injection_attacks.conf
- modsecurity_crs_41_xss_attacks.conf
- modsecurity_crs_45_trojans.conf
- modsecurity_crs_47_common_exceptions.conf
- modsecurity_crs_49_inbound_blocking.conf
- modsecurity_crs_50_outbound.conf
- modsecurity_crs_59_outbound_blocking.conf
- modsecurity_crs_60_correlation.conf
OWASP ModSecurity CRS Overview
ModSecurity, on its own, has no built-in protections. To become useful, it must be configured with rules. End users certainly can create rules for their own use. However, most users have neither the time nor the expertise to properly develop rules to protect themselves from emerging web application attack techniques. To help solve this problem, the Trustwave SpiderLabs Research Team developed the OWASP ModSecurity CRS. Unlike intrusion detection and prevention systems, which rely on signatures ...