ModSecurity Handbook (2nd Edition)

Publisher: Feisty Duck Ltd
Release date: 15 July 2017
Language: English (454 pages)
Dimensions: 9.25 x 7.5 x 0.92 inches
ISBN: 978-1-907117-07-7
 
ModSecurity Handbook (2nd Edition) ModSecurity Handbook
Book Reviewer Kit

The second edition of the definitive guide to ModSecurity, by Christian Folini and Ivan Ristić, the principal author of ModSecurity

  • Step-by-step introduction to the installation and the rule language
  • Detailed explanations of the internals and advanced techniques for seasoned users
  • Available in various digital formats (PDF, EPUB, Mobi/Kindle); no DRM
  • Also available online in our browser-based reading application
  • Provides full coverage of ModSecurity 2.9.1
  • In depth examination of rules performance
  • Includes a comprehensive reference that goes beyond the official online reference manual

Short Description

ModSecurity Handbook is the definitive guide to ModSecurity, the popular open source web application firewall. Written by Christian Folini and ModSecurity's original developer, Ivan Ristić, this book will teach you how to monitor activity on your web sites and protect them from attack.

Full Description

ModSecurity Handbook is the definitive guide to ModSecurity, the popular open source web application firewall. Written by Christian Folini and ModSecurity’s original developer, Ivan Ristić, this book will teach you how to monitor activity on your web sites and protect them from attack.

Situated between your web sites and the world, web application firewalls provide an additional security layer, monitoring everything that comes in and everything that goes out in real time. They enable you to perform many advanced activities, such as access control, virtual patching, HTTP traffic logging, continuous passive security assessment, and web application hardening. Web application firewalls can be very effective in preventing application security attacks, such as SQL injection, cross-site scripting, remote file inclusion, and others that plague most web sites today.

ModSecurity Handbook covers the following topics, which will help anyone with a web site to run:

  • Installation and configuration of ModSecurity
  • Detailed guide to writing rules
  • IP address, session, and user tracking
  • Session management hardening
  • Whitelisting, blacklisting, and IP reputation management
  • Anomaly scoring and advanced blocking strategies
  • Integration with other Apache modules
  • Working with predefined rule sets
  • Virtual patching and content injection
  • Performance considerations
  • Writing rules in Lua and extending ModSecurity in C
  • Detailed coverage of ModSecurity’s numerous directives, variables, transformations, and operators

The book is suitable for all reader levels: It takes newcomers by the hand to turn them into seasoned users, while seasoned users will learn advanced techniques from the top experts on the subject and find hidden clues to master the rule language. An updated ModSecurity Reference Manual is included in the second part of the book.

About the Authors

Dr. Christian Folini is a partner at netnea AG in Berne, Switzerland. He is a twelve-year veteran of ModSecurity, renowned speaker, teacher, and system engineer who has specialized in securing high-profile web servers. Christian is one of the leaders of the OWASP ModSecurity Core Rule Set project, a key member of the ModSecurity community, program chair of the Swiss Cyber Storm conference, and vice president of Swiss Cyber Experts (a public-private partnership).

Ivan Ristić is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site. He is the author of three books, Apache Security, ModSecurity Handbook, and Bulletproof SSL and TLS, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. His latest project, Hardenize, is a security posture analysis service that makes security fun again.

About ModSecurity

ModSecurity is a renowned and widely deployed open source web application firewall. It comes with a powerful rule language, which allows for detailed inspection of payloads and granular access control. Fifteen years in the making, ModSecurity has matured and the second edition of this book covers the complete set of features available with the latest release.

ModSecurity and mod_security are trademarks or registered trademarks of Trustwave Holdings, Inc.

Resources

About Feisty Duck

Feisty Duck is a London-based publisher of fine computer security and open source books and provider of high-quality computer security training. Our books are published in a way that aims to bridge the gap between traditional publishing and the new digital age.