File: ar01s02.html

package info (click to toggle)
libapache-mod-security 2.5.12-1%2Bsqueeze3
  • links: PTS
  • area: main
  • in suites: squeeze
  • size: 6,220 kB
  • ctags: 2,463
  • sloc: ansic: 21,249; sh: 6,512; xml: 6,320; perl: 1,653; makefile: 191
file content (19 lines) | stat: -rw-r--r-- 4,418 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
<html><head><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>ModSecurity Core Rules&trade;</title><link href="modsecurity-reference.css" rel="stylesheet" type="text/css"><meta content="DocBook XSL Stylesheets V1.69.1" name="generator"><link rel="start" href="index.html" title="ModSecurity&reg; Reference
  Manual"><link rel="up" href="index.html" title="ModSecurity&reg; Reference
  Manual"><link rel="prev" href="introduction.html" title="Introduction"><link rel="next" href="installation.html" title="Installation"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div style="background:#F5F5F5;width:100%;border-top:1px solid #DDDDDD;border-bottom:1px solid #DDDDDD"><table width="100%" cellspacing="0" cellpadding="0"><tr><td><a href="http://www.modsecurity.org"><img style="margin:4px" src="modsecurity.gif" width="120" height="36" alt="ModSecurity" border="0"></a></td><td align="right"><a href="http://www.breach.com"><img style="margin:6px" src="breach-logo-small.gif" height="36" width="100" border="0"></a></td></tr></table></div><div id="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3"><span class="trademark">ModSecurity Core Rules</span>&trade;</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="introduction.html">Prev</a>&nbsp;</td><td align="center" width="60%">&nbsp;<a accesskey="h" href="index.html">Home</a></td><td align="right" width="20%">&nbsp;<a accesskey="n" href="installation.html">Next</a></td></tr></table><hr size="1"></div><div class="section" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="N10067"></a><span class="trademark">ModSecurity Core Rules</span>&trade;</h2></div></div><div></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="N1006C"></a>Overview</h3></div></div><div></div></div><p>ModSecurity is a web application firewall engine that provides
      very little protection on its own. In order to become useful,
      ModSecurity must be configured with rules. In order to enable users to
      take full advantage of ModSecurity out of the box, Breach Security, Inc.
      is providing a free certified rule set for ModSecurity 2.x. Unlike
      intrusion detection and prevention systems, which rely on signatures
      specific to known vulnerabilities, the Core Rules provide generic
      protection from unknown vulnerabilities often found in web applications,
      which are in most cases custom coded. The Core Rules are heavily
      commented to allow it to be used as a step-by-step deployment guide for
      ModSecurity. The latest Core Rules can be found at the ModSecurity
      website - <a href="http://www.modsecurity.org/projects/rules/" target="_top">http://www.modsecurity.org/projects/rules/</a>.</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="N10075"></a>Core Rules Content</h3></div></div><div></div></div><p>In order to provide generic web applications protection, the Core
      Rules use the following techniques:</p><div class="itemizedlist"><ul type="disc"><li><p>HTTP protection - detecting violations of the HTTP protocol
          and a locally defined usage policy.</p></li><li><p>Common Web Attacks Protection - detecting common web
          application security attack.</p></li><li><p>Automation detection - Detecting bots, crawlers, scanners and
          other surface malicious activity.</p></li><li><p>Trojan Protection - Detecting access to Trojans horses.</p></li><li><p>Error Hiding - Disguising error messages sent by the
          server.</p></li></ul></div></div></div><div id="navfooter"><hr size="1"><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="introduction.html">Prev</a>&nbsp;</td><td align="center" width="20%">&nbsp;</td><td align="right" width="40%">&nbsp;<a accesskey="n" href="installation.html">Next</a></td></tr><tr><td valign="top" align="left" width="40%">Introduction&nbsp;</td><td align="center" width="20%"><a accesskey="h" href="index.html">Home</a></td><td valign="top" align="right" width="40%">&nbsp;Installation</td></tr></table></div><div align="center" class="copyright">Copyright (C) 2004-2010 <a href="http://www.breach.com">Breach Security</a></div></body></html>