ModSecurity Handbook

ModSecurity Handbook : The Complete Guide to the Popular Open Source Web Application Firewall

4.25 (12 ratings by Goodreads)
By (author) 

List price: US$49.95

Currently unavailable

We can notify you when this item is back in stock

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

ModSecurity Handbook is the definitive guide to ModSecurity, a popular open source web application firewall. Written by Ivan Ristic, who designed and wrote much of ModSecurity, this book will teach you everything you need to know to monitor the activity on your web sites and protect them from attack. Situated between your web sites and the world, web application firewalls provide an additional security layer, monitoring everything that comes in and everything that goes out. They enable you to perform many advanced activities, such as real-time application security monitoring, access control, virtual patching, HTTP traffic logging, continuous passive security assessment, and web application hardening. They can be very effective in preventing application security attacks, such as cross-site scripting, SQL injection, remote file inclusion, and others. Considering that most web sites today suffer from one problem or another, ModSecurity Handbook will help anyone who has a web site to run.
The topics covered include: - Installation and configuration of ModSecurity - Logging of complete HTTP traffic - Rule writing, in detail - IP address, session, and user tracking - Session management hardening - Whitelisting, blacklisting, and IP reputation management - Advanced blocking strategies - Integration with other Apache modules - Working with rule sets - Virtual patching - Performance considerations - Content injection - XML inspection - Writing rules in Lua - Extending ModSecurity in C The book is suitable for all reader levels: it contains step-by-step installation and configuration instructions for those just starting out, as well as detailed explanations of the internals and discussion of advanced techniques for seasoned users. The official ModSecurity Reference Manual is included in the second part of the book. Digital version available. For more information and to access the online companion, go to www.modsecurityhandbook.com
show more

Product details

  • Paperback | 365 pages
  • 191 x 235 x 20.32mm | 662.24g
  • London, United Kingdom
  • English
  • 1907117024
  • 9781907117022
  • 1,208,546

Table of contents

Preface Part I: User Guide 1. Introduction 2. Installation 3. Configuration 4. Logging 5. Rule Language Overview 6. Rule Language Tutorial 7. Rule Configuration 8. Persistent Storage 9. Practical Rule Writing 10. Performance 11. Content Injection 12. Writing Rules in Lua 13. Handling XML 14. Extending Rule Language Part II: Reference Manual 15. Directives 16. Variables 17. Transformation Functions 18. Actions 19. Operators 20. Data Formats Guide Index
show more

About Ivan Ristic

Ivan Ristic is a respected security expert and author, known especially for his contribution to the web application firewall field and the development of ModSecurity, the open source web application firewall. He is also the author of Apache Security, a comprehensive security guide for the Apache web server. A frequent speaker at computer security conferences, Ivan is an active participant in the application security community, a member of the Open Web Application Security Project, and an officer of the Web Application Security Consortium.
show more

Rating details

12 ratings
4.25 out of 5 stars
5 50% (6)
4 33% (4)
3 8% (1)
2 8% (1)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X