a.kao

I’ve been trying to find time to play around with ModSecurity2 (mod_security) for web server security. The need for experimentation is partly driven by the issues I faced with regards to a vulnerable web server at work.

Installation was painless, I modified SPEC file from tanso.net and built the RPM with latest stable version 2.1.4 source direct from modsecurity.org. RPM is available HERE

I restarted httpd and wrote my first rule
SecRule REQUEST_BODY test_attack

and as expected, received a “Forbidden” page response when I tried to submit a page via POST with string “test_attack” in the text area. Quite simple to get it up and running, but now I really need to read the documentation to use it to its full potential.