Install Mod Security on IIS7.5 (Windows 2008R2)

Install Mod Security on IIS7.5 (Windows 2008R2)

The previous section introduced anninhmang.net have you installed Apache Mod Security on Windows (see here )

Part 2: Introduction of you install this mod on IIS7.5 under Windows 2008R2

I. Install IIS 7.5

1. Click  Start  ->  All Programs  ->  Administrative Tools  ->  Server Manager .

2. On the  Server Manager  window, we select  Add Roles . Add Roles Wizard will start we select   Web Server (IIS)  on  the Select Server Roles

Figure 1: Choose roles

3. We select the service in IIS, attention will need to add the items selected in

+ Application Deverlopmanet

+ Security

4. Display the selected items Statistics

5. Check IIS works by opening a browser to http: // localhost.

The root of the IIS default is C: \Inetpub\wwwroot

The reason you test localhost successful because IIS has setup a website order form with the name Default Website in IIS when you restart IIS Manager tool as shown

II. Mod Security Settings

1. To Mod activities need to install Visual C ++ redistributable libraries for Visual Studio 2010 or 2012 2013 for each version 32 or 64bit OS. You need to download on the Microsoft site

In this article install ModSecurity 2.7.5 just over 2010 libraries

2. Download Mod Security in:

https://www.modsecurity.org/tarball/2.7.5/ModSecurityIIS_2.7.5.msi

and proceed with the installation

3. Configure and test

The default after installation directory Mod provide the law lies at the root of IIS C: \inetpub\wwwroot\owasp_crs,

I open the configuration file modsecurity_iis.conf.

and added to the file contents:

SecRuleEngine DetectionOnly

SecRuleEngine On

And add the following command to check the operation of the mod or not

SecRule ARGS, “zzz” phase: 1, log, deny, status: 503, id: 1

Now we need to apply to the Website. Suppose that we need to apply to the default Web site, the root directory is c:\ Inetpub\wwwroot.

Open the web.config file that corresponds to the website

c: \inetpub\wwwroot\web.config. and add the following

<? Xml version = “1.0” encoding = “UTF-8”?>

<Configuration>

<System.webServer>

<ModSecurity enabled = “true”

configfile = “c:\ inetpub\wwwroot\owasp_crsmodsecurity_iis.conf” />

</system.webServer>

</ Configuration>

We need to restart IIS so that the new law applies

+ To check the operation of the Mod I open the browser then type address

http: // localhost / a? = zzz

In the application log I see results

(To open the windows log I see the picture below)

Thanks for you!

Lượt xem (806)

Bài viết liên quan:

Cài Mod Security trên IIS7.5 (phần 2) Install Mod Security on CentOS 6.x System Logs in Windows Install Snort Inline on Centos How to backup and restore configuration IIS7.5 Cài đặt Webserver, PHP, Mysql, Mod Security trên CentOS 6.x (p1) Cài đăt Mod Security trên CENTOS (p2) Backup và restore cấu hình IIS7.5