Full Class Deck – https://www.petermorin.com/wp-content/uploads/2021/04/ISACA-LA-Workshop-2021_Draft_final.pdf
Lab exercises PowerPoint deck – https://www.petermorin.com/wp-content/uploads/2021/04/labDeck.pdf
Lab #14 – Example Mod_Security Rules
# default action when matching rules
SecDefaultAction "phase:2,deny,log,status:406"
# [etc/passwd] is included in request URI
SecRule REQUEST_URI "etc/passwd" "id:'500001'"
# [../] is included in request URI
SecRule REQUEST_URI "\.\./" "id:'500002'"
# [<SCRIPT] is included in arguments
SecRule ARGS "<[Ss][Cc][Rr][Ii][Pp][Tt]" "id:'500003'"
# [SELECT FROM] is included in arguments
SecRule ARGS "[Ss][Ee][Ll][Ee][Cc][Tt][[:space:]]+[Ff][Rr][Oo][Mm]" "id:'500004'"
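The same four lab rules written with explicit transformations and log metadata, so each hit is normalized before matching and is easier to triage in the audit log. This is an added example, not taken from the lab deck; ModSecurity 2.x syntax is assumed, and the 5001xx ids, msg strings and the lab14 tag are constructed.

```apache
# Added example: ids 500101-500104, msg text and tag:'lab14' are constructed.
# Same default as the lab: block in phase 2 with HTTP 406 and log the hit.
SecDefaultAction "phase:2,deny,log,status:406"

# etc/passwd in the request URI.
# t:none clears inherited transformations; the URI is then URL-decoded,
# path-normalized (// and /./ collapsed) and lowercased before the test.
SecRule REQUEST_URI "@contains etc/passwd" \
    "id:500101,t:none,t:urlDecodeUni,t:normalizePath,t:lowercase,\
    msg:'etc/passwd in request URI',logdata:'%{MATCHED_VAR}',tag:'lab14'"

# ../ in the request URI.
# No t:normalizePath here: it resolves back-references, which would remove
# the very sequence this rule looks for.
SecRule REQUEST_URI "@contains ../" \
    "id:500102,t:none,t:urlDecodeUni,\
    msg:'Directory back-reference in request URI',\
    logdata:'%{MATCHED_VAR}',tag:'lab14'"

# <script in any argument.
# t:lowercase replaces the [Ss][Cc]... character classes of rule 500003;
# t:htmlEntityDecode makes the comparison run on decoded entities.
SecRule ARGS "@contains <script" \
    "id:500103,t:none,t:htmlEntityDecode,t:lowercase,\
    msg:'Script tag in argument',\
    logdata:'%{MATCHED_VAR_NAME}=%{MATCHED_VAR}',tag:'lab14'"

# SELECT ... FROM in any argument.
# Lowercasing first lets the pattern stay readable; \s+ plays the role of
# [[:space:]]+ in rule 500004.
SecRule ARGS "@rx select\s+from" \
    "id:500104,t:none,t:lowercase,\
    msg:'SELECT FROM in argument',\
    logdata:'%{MATCHED_VAR_NAME}=%{MATCHED_VAR}',tag:'lab14'"
```

Running with SecRuleEngine DetectionOnly first logs the matches without returning the 406, which helps gauge false positives before enforcing.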