Install Mod Security on IIS7.5 (Windows 2008R2)
In the previous part, anninhmang.net showed how to install Mod Security for Apache on Windows (see here).
Part 2: installing this module on IIS 7.5 under Windows 2008 R2.
I. Install IIS 7.5
1. Click Start -> All Programs -> Administrative Tools -> Server Manager.
2. In the Server Manager window, select Add Roles. The Add Roles Wizard starts; select Web Server (IIS) on the Select Server Roles page.
Figure 1: Choose roles
3. Select the IIS role services. Note that you need to add the items under:
+ Application Development
+ Security
4. The wizard displays a summary of the selected items.
5. Check that IIS works by opening a browser to http://localhost.
The default IIS root directory is C:\Inetpub\wwwroot
The test against localhost succeeds because IIS has set up a sample website named Default Web Site, which you can see when you open the IIS Manager tool, as shown.
II. Install Mod Security
1. For the module to work, you need to install the Visual C++ Redistributable libraries for Visual Studio 2010, 2012 or 2013, in the version matching your 32- or 64-bit OS. Download them from the Microsoft site.
This article installs ModSecurity 2.7.5, which needs only the 2010 libraries.
2. Download Mod Security from:
https://www.modsecurity.org/tarball/2.7.5/ModSecurityIIS_2.7.5.msi
and proceed with the installation.
3. Configure and test
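By default, after installation, the directory with the rules that the module provides is located under the IIS root at C:\inetpub\wwwroot\owasp_crs.
I open the configuration file modsecurity_iis.conf
and add the following to the file contents:
# Log-only mode: rules are processed, but disruptive actions such as deny are not executed
SecRuleEngine DetectionOnly
# Blocking mode: needed for the deny action in the test rule below to take effect
SecRuleEngine On
Then add the following rule to check whether the module is working:
SecRule ARGS "zzz" "phase:1,log,deny,status:503,id:1"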
Now we need to apply this to the website. Suppose we want to apply it to the default Web site, whose root directory is c:\Inetpub\wwwroot.
Open the web.config file that corresponds to the website,
c:\inetpub\wwwroot\web.config, and add the following:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<ModSecurity enabled="true"
configFile="c:\inetpub\wwwroot\owasp_crs\modsecurity_iis.conf" />
</system.webServer>
</configuration>
Restart IIS so that the new rules apply.
+ To check that the module is working, I open the browser and type the address
http://localhost/a?=zzz
The result appears in the Windows Application log.
(To open the Windows log, see the picture below.)
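The same check can be scripted. The PowerShell below is an added example, not part of the original article: it sends the article's test request and a control request to the same site, then looks in the Application log. The control URL and the log filter (provider name containing "ModSecurity", or id "1" in the message) are assumptions.

```powershell
# Added example: checks the test rule (id 1) from this article against local IIS.
# Assumption: the module's Application-log entries can be recognised by a provider
# name containing "ModSecurity" or by the rule tag id "1" in the message text.
$testUrl    = 'http://localhost/a?=zzz'   # test request from the article
$controlUrl = 'http://localhost/'         # same site, no "zzz" argument (assumed)
$started    = Get-Date

function Get-HttpStatus([string]$Url) {
    $req = [System.Net.WebRequest]::Create($Url)
    $req.Timeout = 10000
    try {
        $resp = $req.GetResponse()
    } catch {
        # 4xx/5xx arrive as a WebException, possibly wrapped by PowerShell
        $ex = $_.Exception
        while ($ex -and -not ($ex -is [System.Net.WebException])) { $ex = $ex.InnerException }
        if (-not $ex -or -not $ex.Response) { throw }   # no HTTP answer at all
        $resp = $ex.Response
    }
    $code = [int]$resp.StatusCode
    $resp.Close()
    return $code
}

$control = Get-HttpStatus $controlUrl
$test    = Get-HttpStatus $testUrl

# Entries written to the Application log since the script started.
$filter = @{ LogName = 'Application'; StartTime = $started }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -like '*ModSecurity*' -or $_.Message -like '*id "1"*' })

if ($control -eq 503) {
    # IIS itself answers 503 when the application pool is stopped
    "Inconclusive: control request also returned 503 (site or application pool problem)"
} elseif ($test -eq 503) {
    "Blocking: test request got 503, control request got $control"
} elseif ($events.Count -gt 0) {
    "Logged only: test request got $test but the rule matched (SecRuleEngine DetectionOnly?)"
} else {
    "Not active: test request got $test and no matching log entry was found"
}
$events | Select-Object -First 3 TimeCreated, ProviderName, Message | Format-List
```

The control request matters because a 503 on its own does not prove the rule fired: IIS returns the same status when the site's application pool is down.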
Thank you!