ModSecurity Handbook Cover
Buy now
From £12 (about $19 or €14)
Last update: 24 March 2012
First release: 15 March 2010
Language: English (384 pages)
ISBN: 978-1907117022
Formats: Paperback, PDF, EPUB,
     Kindle, Online; no DRM
ModSecurity Handbook
The definitive guide to the popular open source web application firewall, by Ivan Ristić, the principal author of ModSecurity
  • Step-by-step instructions for those just starting out
  • Detailed explanations of the internals and advanced techniques for seasoned users
  • Includes a comprehensive reference manual
  • Available as paperback and various digital formats (PDF, EPUB, Mobi/Kindle); no DRM
  • Also available online in our browser-based reading application
  • Online version has a reading mode that shows changes since the first edition
  • Provides full coverage of ModSecurity 2.6.x
  • Includes the official ModSecurity Reference Manual
Table of Contents 
Preface      
        

Part I: User Guide
                1. Introduction
                2. Installation
                3. Configuration
                4. Logging
                5. Rule Language Overview
                6. Rule Language Tutorial
                7. Rule Configuration
                8. Persistent Storage 
                9. Practical Rule Writing
                10. Performance
                11. Content Injection           
                12. Writing Rules in Lua
                13. Handling XML
                14. Extending Rule Language
        

Part II: Reference Manual
                15. Directives
                16. Variables
                17. Transformation Functions
                18. Actions
                19. Operators
                20. Data Formats Guide
                
Index

About the Author

Ivan Ristić is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site.

He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. He's currently Director of Application Security Research at Qualys.

Preview

ModSecurity Handbook:
Getting Started
A free 60-page book that covers installation and initial configuration of ModSecurity. This book is based on the first 4 chapters of ModSecurity Handbook.

Additional Material

About ModSecurity

ModSecurity is a widely-deployed open source web application firewall, used by small and large organizations alike. Ivan founded ModSecurity in 2002 and ran the project until 2009. Since then he is focused on documenting the project, via his work on ModSecurity Handbook.

ModSecurity and mod_security are trademarks or registered trademarks of Trustwave Holdings, Inc.

ModSecurity