33 users online (0 members and 33 guests)  


  Results 1 to 1 of 1

Related

  1. PHP Shopping Cart Rules    Forum: PHP Forum
    Replies: 1
  2. Replies: 1
  1. #1
    Gaiacom_LC's Avatar
    New User

    Status
    Offline
    Join Date
    Jan 2014
    Posts
    14

    Exclamation Recommended Best mod_security Rules for Secure Web Servers

    We often have requests to configure the “best rules” for mod_security. Mod_security is a popular Apache plugin that serves as a Web Application Firewall, screening requests coming in to the webserver based on a set of configurable rules.

    Because every website and application has slightly different circumstances, which will require some fine-tuning of the rules, there is no "best" ruleset. However, I want to share the rules below, which are a good basic set to use on a web server to enhance security.

    You should copy the entire text of these rules (or whichever rules you would like to activate) into your*modsec2.user.conf*configuration file, or the configuration file your mod_security installation has setup for user-configurable rules.

    If you do not have mod_security installed, it's very easy to configure with ConfigServer's free ModSecurity plugin for cPanel: http://configserver.com/cp/cmc.html

    Try the rules below, for example:

    SecRule ARGS {php} "severity:4,log,deny,id:6624001"
    SecRule ARGS eval "severity:4,log,deny,id:6624002"
    SecRule ARGS base64_decode "severity:4,log,deny,id:6624003"
    SecRule REQUEST_URI|ARGS|REQUEST_BODY "base64_decode" "severity:4,log,deny,msg:'Access Denied'id:'6624009'"
    SecRule REQUEST_URI|ARGS|REQUEST_BODY "eval" "severity:4,log,deny,msg:'Access Denied'id:'6624010'"
    SecRule REQUEST_URI|ARGS|REQUEST_BODY "{php}" "severity:4,log,deny,msg:'Access Denied'id:'6624011'"
    For the full ruleset, which is difficult to post due to its "explicit" content, and additional rules for securing against SQL injection attacks, self promotion removed.

    Of course, like I mentioned, every application has different web security needs. What do you think about mod_security's effectiveness and ease of use?
    Last edited by HTML; 02-20-2014 at 07:38 PM.