Showing posts with label apache security. Show all posts
Showing posts with label apache security. Show all posts

Friday, January 12, 2018

Apache : Redirect Root URL to Subfolder

Solution :

RewriteEngine on
RewriteCond %{REQUEST_URI} ^/$
RewriteRule (.*) /mysubfolder/ [R=301]

  • RewriteEngine on is used to specify to Apache that this site will use Rewrite rules to transform the URL
  • RewriteCond is the match part of the pattern. If the URL matches this pattern then RewriteRule will be applied. This particular pattern is checking if the requested URL path is equal to /.
  • RewriteRule is going to add /mysubfolder/ to the URL which only contains the domain due to the above RewriteCond already performing the check.

Source: 

Thursday, February 24, 2011

ModSecurity - Centos 5.X

ModSecurity is an open source web application firewall (WAF) engine for Apache that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence

Apache Installation
# yum install httpd-devel mod_ssl libxml2 libxml2-devel curl-devel pcre-devel gcc-c++
# /etc/init.d/https stop OR service httpd stop

ModSecurity Installation

# wget http://www.modsecurity.org/download/modsecurity-apache_2.5.10.tar.gz
# tar -xzvf modsecurity-apache_2.5.10.tar.gz
# cd modsecurity-apache_2.5.10
# cd apache2
# ./configure
# make
# make install
# mkdir /etc/httpd/conf/modsecurity
# cp ../modsecurity.conf-minimal /etc/httpd/conf/modsecurity/

Settings
# vi /etc/httpd/conf/httpd.conf

# ModSecurity
LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/modsecurity.conf-minimal

# service httpd start
# ls /var/log/httpd

Access Error Log

Access_log  error_log  modsec_audit.log  modsec_debug.log
# tail /var/log/httpd/error_log

[Sat Oct 31 20:22:35 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Oct 31 20:22:36 2009] [notice] ModSecurity for Apache/2.5.10 (http://www.modsecurity.org/) configured.
[Sat Oct 31 20:22:36 2009] [notice] Digest: generating secret for digest authentication …
[Sat Oct 31 20:22:36 2009] [notice] Digest: done
[Sat Oct 31 20:22:37 2009] [notice] Apache/2.2.3 (CentOS) configured — resuming normal operations
Subscribe to: Posts (Atom)