All that You Need to Know about OWASP ModSecurity CRS

In "OWASP ModSecurity CRS", OWASP stands for Open Web Application Security Project and CRS stands for Core Rule Set. The name refers to rules that are grouped in sets to enable the ModSecurity module of Apache to protect a server.

htshosting

Presentation Transcript


  1. All that You Need to Know about OWASP ModSecurity CRS

  2. Table of Contents • OWASP ModSecurity CRS • Servers • Web Servers • Benefits of Using OWASP ModSecurity CRS • Protection of Unsecure Web Application Design • Protection against OS Level Attacks • Protection against Malicious Web Traffic • Downside of OWASP ModSecurity CRS • How to Use the OWASP ModSecurity Rule Set • Reporting Issues in an OWASP ModSecurity Rule • Configuration Files

  3. OWASP ModSecurity CRS • The OWASP ModSecurity CRS (Core Rule Set) refers to a set of rules that can be used by the ModSecurity module of Apache in order to protect a server. OWASP is the abbreviation for Open Web Application Security Project. These rules might not render a server immune to attacks, but they significantly increase the level of protection for web applications.

  4. Servers • Servers are software or hardware devices that serve the role of accepting and fulfilling the requests of their clients, which are made over a network. The devices that generate requests for the servers and subsequently receive their responses are known as the clients. Servers provide service (functionality) to their clients, which are programs or devices. The client-server model is used for this purpose.

  5. Web Servers • Servers are of various types, such as mail servers, database servers, print servers, file servers, game servers, application servers, proxy servers, web servers, etc. A web server is used to store and process the files of websites for making websites accessible online. Web servers are provided by web hosting companies through the service of web hosting. Web hosting can be of many types which include shared hosting, dedicated hosting, VPS, reseller hosting, WordPress hosting, cloud hosting, etc. The most efficient and popular web hosting companies are sometimes referred to as the “Top Cloud Hosting Company” or as the “Best Windows Shared Hosting Company” or as the “Best Linux Dedicated Hosting Company”, etc.

  6. Benefits of Using OWASP ModSecurity CRS • There are many benefits of using the OWASP ModSecurity CRS. The main benefits include protection with regard to web application designs that are not secure, protection against OS (Operating System) level attacks, and protection against malicious web traffic. • The next three slides will provide detailed information about each of these benefits.

  7. Protection of Unsecure Web Application Design • OWASP ModSecurity rule sets deliver a layer of protection for various web applications, such as phpBB, WordPress, etc. They protect against vulnerabilities in web applications that are out-of-date. If a developer's mistake causes a security issue, ModSecurity is capable of blocking an attack before it reaches the vulnerable application.

  8. Protection against OS Level Attacks • OWASP ModSecurity rule sets ensure protection against attacks that are meant for exploiting a server’s OS (Operating System). Security experts can create ModSecurity rules to foil such attempts. Server administrators can use ModSecurity rules and additional security measures until a security patch is released.

  9. Protection against Malicious Web Traffic • ModSecurity rules help to reduce the risks related to malicious web traffic by protecting the server against traffic that is harmful.

  10. Downside of OWASP ModSecurity CRS • The main downside of OWASP ModSecurity CRS is common to any mechanism that is used for blocking web traffic: the rules can block traffic that isn't malicious (false positives). Hence, one should regularly review the ModSecurity Tools interface in order to evaluate the traffic that is being blocked by the existing rule set, and to ascertain whether these blocks are affecting legitimate users.

  12. How to Use the OWASP ModSecurity Rule Set
      To use the OWASP ModSecurity rule set, follow the steps below in order.
      • Select the ModSecurity (mod security) Apache module in the EasyApache 4 interface. WHM >> Home >> Software >> EasyApache 4.
      • After installing the ModSecurity Apache module, use the ModSecurity Vendors interface to install the OWASP rule set. WHM >> Home >> Security Center >> ModSecurity Vendors.
      • Once the configuration files are enabled, the rules are activated.
      • Use the ModSecurity Tools interface to review the logged notifications and the blocked traffic. WHM >> Home >> Security Center >> ModSecurity Tools.

  13. Reporting Issues in an OWASP ModSecurity Rule
      If there is a problem with an OWASP rule, it can be reported by carrying out the following steps.
      • Navigate to the ModSecurity Tools interface in WHM. WHM >> Home >> Security Center >> ModSecurity Tools.
      • Locate the hit that was generated by the rule in the Hits List.
      • Click More.
      • Click Report this hit. This option will not appear when reports are not being accepted by the vendor.
      • Enter the following details: your email address, the reason for reporting, and any comment for the vendor.
      • Click Review Report.
      • Verify the information in the report.
      • Click Submit.

  14. Configuration Files • The OWASP ModSecurity CRS uses configuration files. These files contain the rules that protect one's server. The configuration files group similar rules together, which makes the rules easy to manage.

  15. Thanks! ANY QUESTIONS? www.htshosting.org www.htshosting.org/best-web-hosting-company-India www.htshosting.org/best-windows-hosting www.htshosting.org/best-cloud-hosting-company
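
The review of blocked traffic described in slides 10 and 12 can also be done against the raw log, shown here as an added example that is not part of the original presentation or of WHM's own tooling. It assumes ModSecurity entries in the Apache error-log style; the sample lines are constructed, and the "many distinct clients on one rule and URI" threshold is an assumed heuristic for picking false-positive candidates to review first.

```python
import re
from collections import defaultdict

# Constructed sample in the style of ModSecurity entries in the Apache error
# log; clients, URIs and the final unrelated line are illustrative only.
SAMPLE_LOG = """\
[client 198.51.100.7:51514] ModSecurity: Access denied with code 403 (phase 2). [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/search"]
[client 198.51.100.8:40022] ModSecurity: Access denied with code 403 (phase 2). [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/search"]
[client 198.51.100.9] ModSecurity: Access denied with code 403 (phase 2). [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/search"]
[client 198.51.100.7:51620] ModSecurity: Access denied with code 403 (phase 2). [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/search"]
[client 203.0.113.50:33100] ModSecurity: Access denied with code 403 (phase 2). [id "941100"] [msg "XSS Attack Detected via libinjection"] [uri "/comment"]
[client 203.0.113.50:33101] ModSecurity: Access denied with code 403 (phase 2). [id "941100"] [msg "XSS Attack Detected via libinjection"] [uri "/comment"]
[client 192.0.2.14:44000] ModSecurity: Warning. [id "920350"] [msg "Host header is a numeric IP address"] [uri "/"]
[core:notice] [pid 811] AH00094: Command line: '/usr/sbin/httpd'
"""

TAG = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')          # [key "value"] tags
CLIENT = re.compile(r'\[client ([0-9A-Fa-f:.]+?)(?::\d+)?\]')  # address, port dropped

def parse_hit(line):
    """Return a dict for one ModSecurity hit, or None for unrelated log lines."""
    tags = dict(TAG.findall(line))
    client = CLIENT.search(line)
    if "ModSecurity:" not in line or "id" not in tags or client is None:
        return None
    return {"rule": tags["id"], "msg": tags.get("msg", ""),
            "uri": tags.get("uri", ""), "client": client.group(1),
            "blocked": "Access denied" in line}  # "Warning." lines are log-only

def summarize(log_text):
    """Group blocked hits by (rule id, URI) and collect the distinct clients."""
    groups = defaultdict(lambda: {"hits": 0, "clients": set(), "msg": ""})
    for line in log_text.splitlines():
        hit = parse_hit(line)
        if hit and hit["blocked"]:
            group = groups[(hit["rule"], hit["uri"])]
            group["hits"] += 1
            group["clients"].add(hit["client"])
            group["msg"] = hit["msg"]
    return groups

def review_candidates(log_text, min_clients=3):
    """Assumed heuristic: a rule blocking many distinct clients on one URI is
    more likely hitting legitimate users, so list those pairs first."""
    rows = [(rule, uri, g["hits"], len(g["clients"]))
            for (rule, uri), g in summarize(log_text).items()
            if len(g["clients"]) >= min_clients]
    return sorted(rows, key=lambda row: -row[3])
```

A pair that surfaces here is a prompt to inspect the matching requests, not proof of a false positive; a single client hitting one rule repeatedly stays below the threshold.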
