Linux Today: Linux News On Internet Time.

More on LinuxToday

ModSecurity Handbook Review

Jun 23, 2010, 14:34 (0 Talkback[s])
(Other stories by Mike Weber)

[ Thanks to Mike Weber for this link. ]

"It was almost 20 years ago now I received a very disturbing email, someone stated, "your server has been hacked … you need to check it out." Sure enough my dedicated server at one of the largest hosting companies, can you say "disaster magnet", was hacked. This event forever changed the way I viewed the Internet and the necessity of security, specifically firewalls. I have kept that email for all these years just as a reminder of what can happen. A incomplete firewall led to a compromise.

"These days almost everyone understands the importance of a good firewall guarding the ports that allow access to our servers. However, what many people do not realize is that there is a serious danger lurking on one of those ports. Port 80 typically used for web servers needs to be open to allow access to web content, but what is really happening on port 80? The Apache web server as good as it is has little protection when port 80 is open. This is where ModSecurity comes in providing an application firewall to monitor and manage the transactions on port 80. What follows is a review of one of the best books that I have read in a long time. A book that will challenge your thinking and provide answers to security issues you may not have realized exist."

Complete Story

Related Stories: