wget http://www.modsecurity.org/download/modsecurity-apache_2.6.5.tar.gz
tar xzvf modsecurity-apache_2.6.5.tar.gz
cd
modsecurity-apache_2.6.5
./configure && make && make install
vi /etc/httpd/conf/httpd.conf
LoadModule security2_module modules/mod_security2.so
SecFilterEngine On
SecFilterCheckURLEncoding
On
SecFilterDefaultAction "deny,log,status:500"
#SecFilterForceByteRange
32 126
#SecFilterScanPOST On
SecAuditLog
logs/audit_log
###
SecFilter "\.\./"
#####
SecFilter
/etc/*passwd
SecFilter /bin/*sh
#for css attack
SecFilter "<( |
)*script"
SecFilter "<(.| )+>"
#for sql attack
SecFilter "delete[
]+from"
SecFilter "insert[ ]+into"
SecFilter "select.+from"
SecFilter
"union[ ]+from"
SecFilter "drop[ ]"
阅读(1073) | 评论(0) | 转发(0) |