Apache + mod_security 網站應用程式防火牆阻擋攻擊(WAF)
作者:cross 日期:2010-11-30 16:59
mod_security 是 Apache的一個模組,可以提供入侵偵測及防禦,它就如同是web應用程式的防火牆可以用來抵擋知名及不知名的攻擊如 SQL injection attacks, cross-site scripting, path traversal attacks。
quote: http://www.modsecurity.org/documentation/modsecurity-apache/2.5.12/html-multipage/introduction.html
ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making their systems secure. WAFs are deployed to establish an increased external security layer to detect and/or prevent attacks before they reach web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure.
安裝--
下載套件: http://www.modsecurity.org/download/
編譯
iScanner - 掃描你的網站有沒有惡意程式碼
作者:cross 日期:2010-11-24 13:58
http://iscanner.isecur1ty.org/
iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files.
在 centos 環境下測試
需要安裝 ruby
簡單測試
./iscanner -R http://ssorc.tw
收集Linux上前幾大工具的網站--
作者:cross 日期:2010-11-16 13:53
google搜尋新功能? -- 預覽
作者:cross 日期:2010-11-10 11:42
apache 搭配 mod_write 來得知是不是透過手機來瀏覽網站的
作者:cross 日期:2010-10-29 15:44
min.us 輕鬆分享你的照片,圖片
作者:cross 日期:2010-10-28 21:38
