Monday , 10 August 2020
Home » English » Install Mod Security on IIS7.5 (Windows 2008R2)

Install Mod Security on IIS7.5 (Windows 2008R2)

Install Mod Security on IIS7.5 (Windows 2008R2)

The previous section introduced anninhmang.net have you installed Apache Mod Security on Windows (see here )

Part 2: Introduction of you install this mod on IIS7.5 under Windows 2008R2

I. Install IIS 7.5

1. Click  Start  ->  All Programs  ->  Administrative Tools  ->  Server Manager .

2. On the  Server Manager  window, we select  Add Roles . Add Roles Wizard will start we select   Web Server (IIS)  on  the Select Server Roles

IIS roles

Figure 1: Choose roles

3. We select the service in IIS, attention will need to add the items selected in

+ Application Deverlopmanet

+ Security

check service

4. Display the selected items Statistics

IIS summary

5. Check IIS works by opening a browser to http: // localhost.

The root of the IIS default is C: \Inetpub\wwwroot

The reason you test localhost successful because IIS has setup a website order form with the name Default Website in IIS when you restart IIS Manager tool as shown

IIS7

II. Mod Security Settings

1. To Mod activities need to install Visual C ++ redistributable libraries for Visual Studio 2010 or 2012 2013 for each version 32 or 64bit OS. You need to download on the Microsoft site

In this article install ModSecurity 2.7.5 just over 2010 libraries

  1. Download Mod Security in:

https://www.modsecurity.org/tarball/2.7.5/ModSecurityIIS_2.7.5.msi

and proceed with the installation

3. Configure and test

The default after installation directory Mod provide the law lies at the root of IIS C: \inetpub\wwwroot\owasp_crs,

I open the configuration file modsecurity_iis.conf.

IIS Mod security

and added to the file contents:

SecRuleEngine DetectionOnly

SecRuleEngine On

And add the following command to check the operation of the mod or not

SecRule ARGS, “zzz” phase: 1, log, deny, status: 503, id: 1

Now we need to apply to the Website. Suppose that we need to apply to the default Web site, the root directory is c:\ Inetpub\wwwroot.

Open the web.config file that corresponds to the website

c: \inetpub\wwwroot\web.config. and add the following

<? Xml version = “1.0” encoding = “UTF-8”?>

<Configuration>

<System.webServer>

<ModSecurity enabled = “true”

configfile = “c:\ inetpub\wwwroot\owasp_crsmodsecurity_iis.conf” />

</system.webServer>

</ Configuration>

We need to restart IIS so that the new law applies

IIS restart

+ To check the operation of the Mod I open the browser then type address

http: // localhost / a? = zzz

In the application log I see results

iis log

(To open the windows log I see the picture below)log in windows

 

Thanks for you!

 

Lượt xem (756)

About Nguyễn Thanh Sơn

Nguyễn Thanh Sơn
Network Security, Web Design, Computer Science

Xem thêm

mohinh-juniper

Configuring Topology network equipment Juniper

Continue with the basic article on Juniper devices, network security today actual models configured with: …

Để lại bình luận:

Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *