WAF防火墙
2015-12-16 17:08
141 查看
//添加依赖,一下看情况而添加,不确定需不需要
apt-get install gcc libpcre3 libpcre3-dev zlib1g-dev
//tengine依赖
sudo apt-get install openssl libssl-dev libssl0.9.8 libpcre3 libpcre3-dev
sudo apt-get install libxml2 libxml2-dev libxml2-utils
sudo apt-get install libaprutil1 libaprutil1-dev
sudo apt-get install apache2-dev
1.配置
./configure
make
make install
//添加依赖,此处可能报错
apt-get install libtool
apt-get install autoconf
2.//进入modSercurity
cd ModSecurity/
./autogen.sh
./configure–enable-standalone-module –disable-mlogc
make
3.nginx添加modsecurity模块
cd tengine/
./configure –add-module=/opt/modsecurity/nginx/modsecurity/ –prefix=/usr/local/nginx
make && make install
make
4.启动OWASP规则
cp -R owasp-modsecurity-crs /local/nginx
cp /usr/local/nginx/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example /usr/local/nginx/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
cd ModSecurity/
cp modsecurity.conf-recommended /usr/local/nginx/conf/modsecurity.conf
cp unicode.mapping /usr/local/nginx/conf
5.修改配置
gedit modsecurity.conf
SecRuleEngine on
Include owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_41_xss_attacks.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_40_generic_attacks.conf
Include owasp-modsecurity-crs/experimental_rules/modsecurity_crs_11_dos_protection.conf
Include owasp-modsecurity-crs/experimental_rules/modsecurity_crs_11_brute_force.conf
Include owasp-modsecurity-crs/optional_rules/modsecurity_crs_16_session_hijacking.conf
6.配置nginx
在需要启用modsecurity的主机的location下面加入下面两行即可:
ModSecurityEnabled on;
ModSecurityConfig modsecurity.conf;
下面事例配置:
server {
listen 88;
server_name localhost;
}
/usr/local/nginx/sbin/nginx 启动
/usr/local/nginx/sbin/nginx -s reload 重启
/usr/local/nginx/sbin/nginx -s stop 关闭
文章参考
http://www.52os.net/articles/nginx-use-modsecurity-module-as-waf.html
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#Installation_for_NGINX
http://drops.wooyun.org/tips/2614
http://drops.wooyun.org/tips/3804
http://drops.wooyun.org/tips/734
http://www.freebuf.com/articles/web/18084.html
http://www.freebuf.com/articles/web/16806.html
apt-get install gcc libpcre3 libpcre3-dev zlib1g-dev
//tengine依赖
sudo apt-get install openssl libssl-dev libssl0.9.8 libpcre3 libpcre3-dev
sudo apt-get install libxml2 libxml2-dev libxml2-utils
sudo apt-get install libaprutil1 libaprutil1-dev
sudo apt-get install apache2-dev
1.配置
./configure
make
make install
//添加依赖,此处可能报错
apt-get install libtool
apt-get install autoconf
2.//进入modSercurity
cd ModSecurity/
./autogen.sh
./configure–enable-standalone-module –disable-mlogc
make
3.nginx添加modsecurity模块
cd tengine/
./configure –add-module=/opt/modsecurity/nginx/modsecurity/ –prefix=/usr/local/nginx
make && make install
make
4.启动OWASP规则
cp -R owasp-modsecurity-crs /local/nginx
cp /usr/local/nginx/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example /usr/local/nginx/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
cd ModSecurity/
cp modsecurity.conf-recommended /usr/local/nginx/conf/modsecurity.conf
cp unicode.mapping /usr/local/nginx/conf
5.修改配置
gedit modsecurity.conf
SecRuleEngine on
Include owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_41_xss_attacks.conf
Include owasp-modsecurity-crs/base_rules/modsecurity_crs_40_generic_attacks.conf
Include owasp-modsecurity-crs/experimental_rules/modsecurity_crs_11_dos_protection.conf
Include owasp-modsecurity-crs/experimental_rules/modsecurity_crs_11_brute_force.conf
Include owasp-modsecurity-crs/optional_rules/modsecurity_crs_16_session_hijacking.conf
6.配置nginx
在需要启用modsecurity的主机的location下面加入下面两行即可:
ModSecurityEnabled on;
ModSecurityConfig modsecurity.conf;
下面事例配置:
server {
listen 88;
server_name localhost;
location / { ModSecurityEnabled on; ModSecurityConfig modsecurity.conf; root html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; }
}
/usr/local/nginx/sbin/nginx 启动
/usr/local/nginx/sbin/nginx -s reload 重启
/usr/local/nginx/sbin/nginx -s stop 关闭
文章参考
http://www.52os.net/articles/nginx-use-modsecurity-module-as-waf.html
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#Installation_for_NGINX
http://drops.wooyun.org/tips/2614
http://drops.wooyun.org/tips/3804
http://drops.wooyun.org/tips/734
http://www.freebuf.com/articles/web/18084.html
http://www.freebuf.com/articles/web/16806.html
相关文章推荐
- Vista 防火墙 Vista Firewall Control v1.0.11 下载
- 收集的ROS防火墙脚本
- AutoRun病毒专杀防火墙 V4.39 绿色版
- 安装防火墙的12个注意事项
- win2008内置防火墙配置方法说明
- FTP服务器的防火墙通用设置规则介绍
- Windows批量添加防火墙例外端口的批处理代码
- Win2003 系统服务器防火墙
- 启用windows默认的防火墙需要注意的地方
- windows防火墙支持FTP服务的设置方法
- 修改iptables防火墙规则解决vsftp登录后不显示文件目录的问题
- win2003防火墙导致ftp无法使用的解决方法
- Win2003 自带防火墙的设置图文教程
- linux增加iptables防火墙规则的示例
- 关闭selinux(防火墙)方法分享
- 配置win2008防火墙 允许被Ping的设置方法
- win2003服务器通过ipsec做防火墙的配置方法
- Windows 2008 r2 防火墙设置端口例外的方法
- rocketmq的安装(简单版)