نمایش نتایج: از شماره 1 تا 1 , از مجموع 1

موضوع: آموزش نصب و تنظیم Mod_Security

  1. #1
    Banned
    تاریخ عضویت
    Feb 2009
    محل سکونت
    قزوین
    نوشته ها
    1,154
    تشکر
    449
    تشکر شده 778 بار در 463 پست

    پیش فرض آموزش نصب و تنظیم Mod_Security

    سلام ..
    شاید تکراری باشه ..(چون خودمم قبلا" آموزشش رو گذاشتم + چند تا از دوستان دیگه )
    اما این آموزش واقعا" کامل هست + تنظیماتش رو هم توضیح داده!
    البته خوب به زبان اصلی هست
    کد:
    Introduction
    
    You're only minutes away from protecting your web sites from all manner of attack and spam. To do this, you need to download one piece of software, mod_security, install it on your web server and then configure it. Its not difficult or time consuming at all, and if you follow these instructions you should be ready to go in minutes!
    What you need to install this software
    
    You either need to have root or administrative rights on your server to install mod_security, or you need to ask your administrator to do it for you. A lot of ISP's use mod_security these days, so it may already be installed on your server. If its not, you can use these instructions to set it up. It literally takes less than 30 seconds to install mod_security.
    Downloading mod_security
    
    The first thing you need to do is download the software. You can download it from our archives:
    
    http://www.gotroot.com/downloads/ftp/mod_security/modsecurity-software
    
    Or from the official website (external link) (cache).
    Installing mod_security
    
    Follow the instructions on the Setting up mod_security page.
    Where to get the rules?
    
    ModSecurity is an Intrusion Prevention system, and uses rules, or signatures, to help protect your system from attack or spam. We publish the largest collection of rules and blacklists for mod_security on the Internet?. Mod_security works on any platform, including Solaris, Linux, BSD, MacOS and Windows based servers. Right now, mod_security only works with Apache 2.x or Apache 1.x, if you are running IIS or some other web server you're out of luck for now.
    
    As we said before, to really use mod_security you need to feed it some signatures, just like an anti-virus product. And, you can download them all from our mod_security rules webpage.
    How to configure, setup and install mod_security and our rules
    
    For Apache 2.x
    
    LoadModule security_module /usr/lib/httpd/modules/mod_security.so
    
    Then, add the rules to your apache config file. To do this, we recommend you create an external configuration file to apache, via the "include" directive that will contain your mod_security rules, and seperately your mod_security configuration directives. To do that, look inside httpd.conf, or your equivalent, to see if you have this line:
    
    Include conf.d/*.conf
    
    This line, if you have it, tells apache to load all the .conf files in the conf.d directory. This lets you add many external configuration files to apache in this directory. If you do have it, create the file mod_security.conf in that directory, in this case, its a subdirectory off the directory the httpd.conf file in in. On Redhat 9, that directory is:
    
    /etc/httpd/
    
    So the include directory would be:
    
    /etc/httpd/conf.d
    
    This may be different for your distribution. In that directory, create the file "modsecurity.conf" and put your basic mod_security configuration settings inside that file. If you need some suggestions for that file, here is an example configuration for modsecurity 1.9.x:
    
    < IfModule mod_security.c>
    
    # Only inspect dynamic requests
    # (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
    #SecFilterEngine DynamicOnly
    
    SecFilterEngine On
    
    # Reject requests with status 500
    SecFilterDefaultAction "deny,log,status:500"
    
    # Some sane defaults
    SecFilterScanPOST On
    SecFilterCheckURLEncoding On
    SecFilterCheckCookieFormat On
    SecFilterCheckUnicodeEncoding Off
    SecFilterNormalizeCookies On
    # enable version 1 (RFC 2965) cookies
    SecFilterCookieFormat 1
    
    SecServerResponseToken Off
    
    #If you want to scan the output, uncomment these
    #SecFilterScanOutput On
    #SecFilterOutputMimeTypes "(null) text/html text/plain"
    
    # Accept almost all byte values
    SecFilterForceByteRange 1 255
    
    # Server masking is optional
    #fake server banner - NOYB used - no one needs to know what we are using
    SecServerSignature "NOYB"
    
    #SecUploadDir /tmp
    #SecUploadKeepFiles Off
    
    # Only record the interesting stuff
    SecAuditEngine RelevantOnly
    SecAuditLog logs/audit_log
    
    # You normally won't need debug logging
    SecFilterDebugLevel 0
    SecFilterDebugLog logs/modsec_debug_log
    
    #And now, the rules
    #Remove any of these Include lines you do not use or have rules for.
    
    #First, add in your exclusion rules:
    #These MUST come first!
    Include /etc/modsecurity/exclude.conf
    
    #Application protection rules
    Include /etc/modsecurity/rules.conf
    
    #Comment spam rules
    Include /etc/modsecurity/blacklist.conf
    
    #Bad hosts, bad proxies and other bad players
    Include /etc/modsecurity/blacklist2.conf
    
    #Bad clients, known bogus useragents and other signs of malware
    Include /etc/modsecurity/useragents.conf
    
    #Known bad software, rootkits and other malware
    Include /etc/modsecurity/rootkits.conf
    
    #Signatures to prevent *****ing through your server 
    #only rule these rules if your server is NOT a *****
    Include /etc/modsecurity/*****.conf
    
    #Additional rules for Apache 2.x ONLY!  Do not add this line if you use Apache 1.x
    Include /etc/modsecurity/apache2-rules.conf
    < /IfModule >
    
    You'll notice these lines in the example above:
    
    Include /etc/modsecurity/mod_security_rules.conf
    Include /etc/modsecurity/blacklist.conf
    
    Those lines tell Apache to include the mod_security_rules.conf and blacklist.conf files. We recommend this so that you can overwrite these files with new rules, without effecting your mod_security settings. This way, you can setup a cronjob to download the rules from this website, allowing it to overwrite your old /etc/modsecurity/mod_security_rules.conf file, but not your /etc/httpd/conf.d/modsecurity.conf file, which contains all of your local configuration settings for your mod_security - which you do not want to automatically over write. So, to recap, setup at least two files:
    
    /etc/httpd/conf.d/modsecurity.conf
    
    Which will contain all your local mod_security config settings, and in that file, make sure you add this line:
    
    Include /etc/modsecurity/mod_security_rules.conf
    
    And if you want to add more rules, such as the comment spam blacklist, add in another line like this:
    
    Include /etc/modsecurity/blacklist.conf
    
    Then use those files, such as /etc/modsecurity/mod_security_rules.conf, to store all your rules or signatures (and feel free to overwrite it with our signature file (cache)). Also, feel free to add in your own files for your own local rulesets.
    
    Last, but not least, Download the rules and install them into your /etc/modsecurity/ directory. Then restart apache, if you don't get any errors, hurray! the rules loaded. If you do get any errors, check your config files to make sure you have the syntax right, and try commenting out the Include lines to see if the problem is with your configuration, or with the rules. If its with the rules, please try commenting that signature out in your signature file(s) and then report the specific error (cut and paste works best) in this forum and we will fix it ASAP. We usually turn error reports around within a day, sometimes sooner if its during the week and we're all in town
    موفق باشید.

  2. تعداد تشکر ها ازWebRang به دلیل پست مفید


اطلاعات موضوع

کاربرانی که در حال مشاهده این موضوع هستند

در حال حاضر 1 کاربر در حال مشاهده این موضوع است. (0 کاربران و 1 مهمان ها)

موضوعات مشابه

  1. آشنایی با mod_security
    توسط Vahid در انجمن مباحث و منابع آموزشی
    پاسخ ها: 1
    آخرين نوشته: December 30th, 2010, 08:56 PM
  2. فواید mod_security
    توسط Danial_Hiv در انجمن سوالات و مشکلات
    پاسخ ها: 7
    آخرين نوشته: February 9th, 2009, 04:51 PM
  3. چگونگی نصب mod_security برای آپاچ
    توسط Vahid در انجمن مباحث و منابع آموزشی
    پاسخ ها: 12
    آخرين نوشته: January 5th, 2009, 08:11 AM
  4. Mod_Security چیست در سرورهای CPANEL
    توسط Vahid در انجمن سی پنل CPanel
    پاسخ ها: 0
    آخرين نوشته: August 6th, 2008, 12:00 AM

مجوز های ارسال و ویرایش

  • شما نمیتوانید موضوع جدیدی ارسال کنید
  • شما امکان ارسال پاسخ را ندارید
  • شما نمیتوانید فایل پیوست کنید.
  • شما نمیتوانید پست های خود را ویرایش کنید
  •