Sign-In
Cart
ModSecurity Handbook, Second Edition
Paperback
Currently unavailable to order
Please enter your email and a message will be sent to you when this product becomes available on our website.
ISBN13: 9781907117077
Publisher: Feisty Duck
Published: Jul 15 2017
Pages: 454
Weight: 1.71
Height: 0.92 Width: 7.50 Depth: 9.25
Language: English
ModSecurity Handbook is the definitive guide to ModSecurity, the popular open source web application firewall. Written by Christian Folini and ModSecurity's original developer, Ivan Ristic, this book will teach you how to monitor activity on your web sites and protect them from attack.
Situated between your web sites and the world, web application firewalls provide an additional security layer, monitoring everything that comes in and everything that goes out in real time. They enable you to perform many advanced activities, such as access control, virtual patching, HTTP traffic logging, continuous passive security assessment, and web application hardening. Web application firewalls can be very effective in preventing application security attacks, such as SQL injection, cross-site scripting, remote file inclusion, and others that plague most web sites today.
ModSecurity Handbook covers the following topics, which will help anyone with a web site to run:
- Installation and configuration of ModSecurity
- Detailed guide to writing rules
- IP address, session, and user tracking
- Session management hardening
- Whitelisting, blacklisting, and IP reputation management
- Anomaly scoring and advanced blocking strategies
- Integration with other Apache modules
- Working with predefined rule sets
- Virtual patching and content injection
- Performance considerations
- Writing rules in Lua and extending ModSecurity in C
- Detailed coverage of ModSecurity's numerous directives, variables, transformations, and operators
The book is suitable for all reader levels: It takes newcomers by the hand to turn them into seasoned users, while seasoned users will learn advanced techniques from the top experts on the subject and find hidden clues to master the rule language. An updated ModSecurity Reference Manual is included in the second part of the book.
ABOUT THE AUTHORS
Dr. Christian Folini is a twelve-year veteran of ModSecurity. He is a renowned speaker, teacher, and system engineer who has specialized in securing high-profile web servers. Christian is one of the leaders of the OWASP ModSecurity Core Rule Set project, a key member of the ModSecurity community, program chair of the Swiss Cyber Storm conference, and vice president of Swiss Cyber Experts (a public-private partnership).
Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site. His latest project, Hardenize, is a security posture analysis service that makes security fun again. He is the author of three books, Apache Security, ModSecurity Handbook, and Bulletproof SSL and TLS.
Also in
Computer Security
Spies, Lies, and Cybercrime: Cybersecurity Tactics to Outsmart Hackers and Disarm Scammers
O'Neill, Eric
Hardcover
Digital Ethics in the Age of AI: Navigating the ethical frontier today and beyond
Mehan, Julie
Paperback
The Cybernetic Society: How Humans and Machines Will Shape the Future Together
Husain, Amir
Hardcover
Linux Basics for Hackers, 2nd Edition: Getting Started with Networking, Scripting, and Security in Kali
Occupytheweb
Paperback
Isc2 Cissp Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle
Chapple, Mike
Stewart, James Michael
Gibson, Darril
Paperback
Password Logbook (Hip Floral): Keep Track of Usernames, Passwords, Web Addresses in One Easy and Organized Location
Editors of Rock Point
Hardcover
Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
Greenberg, Andy
Paperback
Comptia A+ Complete Study Guide, 2-Volume Set: Volume 1 Core 1 Exam 220-1201 and Volume 2 Core 2 Exam 220-1202
Buhagiar, Jon
Docter, Quentin
Paperback
Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy
Deibert, Ronald J.
Hardcover
Comptia Security+ Study Guide with Over 500 Practice Test Questions: Exam Sy0-701
Chapple, Mike
Seidl, David
Paperback
Raising Humans in a Digital World: Helping Kids Build a Healthy Relationship with Technology
Graber, Diana
Paperback
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
Zetter, Kim
Paperback
Data Engineering for Cybersecurity: Build Secure Data Pipelines with Free and Open-Source Tools
Bonifield, James
Paperback
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World
Menn, Joseph
Paperback
The Future of Hacking: The Rise of Cybercrime and the Fight to Keep Us Safe
Scherling, Laura S.
Hardcover
Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance
Angwin, Julia
Paperback
Isc2 Cissp Certified Information Systems Security Professional Official Study Guide
Gibson, Darril
Chapple, Mike
Stewart, James Michael
Paperback
Hacking and Security: The Comprehensive Guide to Penetration Testing and Cybersecurity
Kofler, Michael
Gebeshuber, Klaus
Kloep, Peter
Paperback
Serious Cryptography, 2nd Edition: A Practical Introduction to Modern Encryption
Aumasson, Jean-Philippe
Paperback
Tor: Tor and the Deep Web: A Guide to Become Anonymous Online, Conceal Your IP Address, Block NSA Spying and Hack!
Welsh, Joshua
Paperback
Internet Password Logbook (Red Leatherette): Keep Track of Usernames, Passwords, Web Addresses in One Easy and Organized Location
Editors of Rock Point
Hardcover
A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend Them Back
Schneier, Bruce
Paperback
Comptia A+ Complete Certification Kit: Core 1 Exam 220-1201 and Core 2 Exam 220-1202
McMillan, Troy
Docter, Quentin
Buhagiar, Jon
Paperback
Comptia A+ Complete Practice Tests: Core 1 Exam 220-1201 and Core 2 Exam 220-1202
O'Shea, Audrey
Paperback
Humorous Cryptograms: 300 Large Print Puzzles To Keep You Entertained (Large Print Edition)
Nest, Game
Paperback
Shit I Can't Remember: Keep track of usernames, passwords, web addresses in one easy & organized location
Books, Family's
Paperback
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali
Occupytheweb
Paperback
Hacking Exposed Industrial Control Systems: ICS and Scada Security Secrets & Solutions
Singer, Bryan
Shbeeb, Aaron
Bodungen, Clint
Paperback
Cyber War: The Next Threat to National Security and What to Do about It
Clarke, Richard A.
Knake, Robert
Paperback
Comptia A+ Complete Review Guide: Core 1 Exam 220-1201 and Core 2 Exam 220-1202
McMillan, Troy
Paperback
Faik: A Practical Guide to Living in a World of Deepfakes, Disinformation, and Ai-Generated Deceptions
Carpenter, Perry
Hardcover
Container Security: Fundamental Technology Concepts That Protect Cloud Native Applications
Rice, Liz
Paperback
Cybersecurity for Everyone: A Human-Centered Approach to Protecting Yourself and Your Community
Olieslaeger, Cathy
Paperback
Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, Second Edition
Reiber, Lee
Paperback
Hacking: Computer Hacking for beginners, how to hack, and understanding computer security!
Dodson, Adam
Hardcover
Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion
Abelson, Hal
Ledeen, Ken
Lewis, Harry
Paperback
AWS Certified Security Study Guide: Specialty (Scs-C02) Exam
Mu¿oz, Mauricio
Moraes, Alexandre M. S. P.
Goldfarb, Dario Lucas
Paperback
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Fyodor
Lyon, Gordon
Paperback
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World
Menn, Joseph
Paperback
Governance, Risk, and Compliance (GRC) in Cybersecurity: All you need to know
Relington, James
Paperback
Cyber Threat Hunters Handbook: Applying advanced analytics, automation, and collaborative intelligence for digital defense (English Edition)
Pereira Quiceno, David F.
Paperback
Comptia A+ Certmike: Prepare. Practice. Pass the Test! Get Certified!: Core 2 Exam 220-1202
Chapple, Mike
Paperback
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Stuttard, Dafydd
Pinto, Marcus
Paperback
Crypto Conned My 200K Nightmare: And 10 Key Steps To Safeguard Your Future
Holliday, Ed Doc
Paperback
Locksport: A Hackers Guide to Lockpicking, Impressioning, and Safe Cracking
Weyers, Jos
Burrough, Matt
Belgers, Walter
Paperback
Web Application Security: Exploitation and Countermeasures for Modern Web Applications
Hoffman, Andrew
Paperback
Comptia A+ Certmike: Prepare. Practice. Pass the Test! Get Certified!: Core 1 Exam 220-1201
Chapple, Mike
Paperback
Cybersecurity - Attack and Defense Strategies - Third Edition: Improve your security posture to mitigate risks and prevent attackers from infiltrating
Diogenes, Yuri
Ozkaya, Erdal
Paperback
Esclavos del Algoritmo. Manual de Resistencia En La Era de la Inteligencia Artificial / Slaves of the Algorithm
de Rivera, Laura G.
Paperback
Cybersecurity for Everyone: Securing your home or small business network
Sadler, Terence L.
Paperback
Cisa Certified Information Systems Auditor Study Guide: Covers 2024 - 2029 Exam Objectives
Gregory, Peter H.
Chapple, Mike
Paperback
Hacking & Tor: The Complete Beginners Guide To Hacking, Tor, & Accessing The Deep Web & Dark Web
Jones, Jack
Paperback
Certificate of Cloud Security Knowledge (Ccsk V5) Study Guide: In-Depth Guidance and Practice
Thompson, Graham
Paperback
Principles of AI Governance and Model Risk Management: Master the Techniques for Ethical and Transparent AI Systems
Sayles, James
Paperback
The Art of Deception: Controlling the Human Element of Security
Mitnick, Kevin D.
Simon, William L.
Paperback
Learn Computer Forensics - Second Edition: Your one-stop guide to searching, analyzing, acquiring, and securing digital evidence
Oettinger, William
Paperback
Wtf Is My Password: Keep track of usernames, passwords, web addresses in one easy & organized location - Orange Cover
Pray, Norman M.
Paperback
Mastering Palo Alto Networks - Second Edition: Build, configure, and deploy network solutions for your infrastructure using features of PAN-OS
'Reaper', Tom Piens Aka
Paperback
Securing the Digital Frontier: Cyber Security for Responsible Citizens and Strategic Thinkers
Martin, Andrew
Hardcover
Ghidra Software Reverse-Engineering for Beginners - Second Edition: Master the art of debugging, from understanding code to mitigating threats
Pérez, David Álvarez
Tiwari, Ravikant
Paperback
Understanding the Digital World: What You Need to Know about Computers, the Internet, Privacy, and Security, Second Edition
Kernighan, Brian W.
Paperback
Cism Certified Information Security Manager All-In-One Exam Guide [With CD (Audio)]
Gregory, Peter H.
Paperback
The Mathematics of Secrets: Cryptography from Caesar Ciphers to Digital Encryption
Holden, Joshua
Paperback
Identity Security for Software Development: Best Practices That Every Developer Must Know
Barker, Matt
Walsh, John
Ailon, Uzi
Paperback
Understand the Cyber Attacker Mindset: Build a Strategic Security Programme to Counteract Threats
Armstrong-Smith, Sarah
Paperback
Building a Career in Cybersecurity: The Strategy and Skills You Need to Succeed
Diogenes, Yuri
Paperback
The Online World, What You Think You Know and What You Don't: 4 Critical Tools for Raising Kids in the Digital Age
Mankarious, Rania
Paperback
SSL/TLS Under Lock and Key: A Guide to Understanding SSL/TLS Cryptography
Schatten, Jeremy
Baka, Paul
Paperback
Firewalls Don't Stop Dragons: A Step-By-Step Guide to Computer Security and Privacy for Non-Techies
Parker, Carey
Paperback
Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition
Harper, Allen
Linn, Ryan
Sims, Stephen
Paperback
Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems
Blankinship, Paul
Beyer, Betsy
Adkins, Heather
Paperback
Ethical Hacking for Beginners: A Step by Step Guide for you to Learn the Fundamentals of CyberSecurity and Hacking
Nastase, Ramon Adrian
Paperback
Practical Cybersecurity Architecture - Second Edition: A guide to creating and implementing robust designs for cybersecurity architects
Kelley, Diana
Moyle, Ed
Paperback
Logical Investigative Methods: Critical Thinking and Reasoning for Successful Investigations
Girod, Robert J.
Paperback
Hacking Etico 101 - Cómo hackear profesionalmente en 21 días o menos!: 2da Edición. Revisada y Actualizada a Kali 2.0.
Astudillo B., Karina
Paperback
Intelligent Continuous Security: Ai-Enabled Transformation for Seamless Protection
Hornbeek, Marc
Paperback
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
Hickey, Matthew
Arcuri, Jennifer
Paperback
Redefining Hacking: A Comprehensive Guide to Red Teaming and Bug Bounty Hunting in an Ai-Driven World
Lazzara, Savannah
Thurner, Wesley
Santos, Omar
Paperback
Iapp Cipp / Us Certified Information Privacy Professional Study Guide
Chapple, Mike
Shelley, Joe
Paperback
Achieve Comptia Security+ Sy0-701 Exam Success: The Concise Certification Guide for Today's Busy Professional
Edwards, Jason
Paperback
Network Programmability and Automation: Skills for the Next-Generation Network Engineer
Lowe, Scott S.
Oswalt, Matt
Adell, Christian
Paperback
Mastering Linux Security and Hardening - Third Edition: A practical guide to protecting your Linux system from cyber attacks
Tevault, Donald a.
Hardcover