From: maryfomin12658@gmail.com   
      
   In this guide, we are going to learn how to configure LibModsecurity with   
   Apache on CentOS 8. LibMosecurity also known as ModSecurity version 3, is an   
   open source, cross platform web application firewall (WAF) engine which   
   provides protection against a    
   wide range of web application attacks.if(typeof ez_ad_units!='un   
   efined')ez_ad_units.push([[300,250],'kifarunix_com-box-3','ezslo   
   _14',105,'0','0']);__ez_fad_position('div-gpt-ad-kifarunix_com-box-3-0');   
      
   Install LibModsecurity Web Application Firewall with Nginx on CentOS 8   
   Download https://byltly.com/2wIunn   
      
      
      
   Clone the git repository for the ModSecurity Apache connector.cd git clone   
   -apacheNavigate to ModSecurity-apache directory and run the following commands   
   to compile and install it.if(typeof ez_ad_units!='undefined')ez_   
   d_units.push([[336,280],'kifarunix_   
   com-large-mobile-banner-1','ezslot_12',122,'0','0']);__ez_fad_po   
   ition('div-gpt-ad-kifarunix_com-large-mobile-banner-1-0');cd Mod   
   ecurity-apache./autogen.sh./configure --with-libmodsecurity=/usr   
   local/modsecurity/makemake installConfigure Apache with    
   LibModsecurity on CentOS 8Next, configure Apache to load Modsecurity Apache   
   connector module by adding the line below to the main Apache configuration   
   file.if(typeof ez_ad_units!='undefined')ez_ad_units.push([[300,2   
   0],'kifarunix_com-large-mobile-banner-   
   2','ezslot_13',110,'0','0']);__ez_fad_position('div-gpt-ad-kifar   
   nix_com-large-mobile-banner-2-0');   
      
   Since we have included the OWASP Rules, proceed to install them.Install OWASP   
   ModSecurity Core Rule Set (CRS)The OWASP ModSecurity Core Rule Set (CRS) is a   
   set of generic attack detection rules for use with ModSecurity. It aims at   
   protecting the web    
   applications from a wide range of attacks, including the OWASP Top Ten,   
   minimum of false alerts.Clone the CRS from GitHub repository to    
   etc/apache2/modsecurity.d/ as shown below;   
      
   You can as well check Modsecurity logs;tail /var/log/httpd/modse   
   _audit.log...ModSecurity: Warning. Matched "Operator `PmFromFile' with   
   parameter `unix-shell.data' against variable `ARGS:exec' (Value: `/bin/bash' )   
   [file "/etc/httpd/conf.d/modsecurity.d/   
   owasp-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "496"] [id   
   "932160"] [rev ""] [msg "Remote Command Execution: Unix Shell Code Found"]   
   [data "Matched Data: bin/bash found within ARGS:exec: /bin/bash"] [severity   
   "2"] [ver "OWASP_CRS/3.2.0"]    
   [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-shell"]   
   [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-level/1"] [tag   
   "OWASP_CRS"] [tag "OWASP_CRS/WEB_ATTACK/COMMAND_INJECTION"] [tag   
   "WASCTC/WASC-31"] [tag "OWASP_TOP_10/A1"   
   ] [tag "PCI/6.5.2"] [hostname "centos8.kifarunix-demo.com"] [uri   
   "/index.html"] [unique_id "158386776469.002836"] [ref "o1,8v21,9   
   :urlDecodeUni,t:cmdLine,t:normalizePath,t:lowercase"]ModSecurity: Access   
   denied with code 403 (phase 2). Matched "Operator `   
   Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' ) [file   
   "/etc/httpd/conf.d/modsecurity.d/owasp-crs/rules/REQUEST-949-BLO   
   KING-EVALUATION.conf"] [line "79"] [id "949110"] [rev ""] [msg "Inbound   
   Anomaly Score Exceeded (Total Score: 5)   
   "] [data ""] [severity "2"] [ver ""] [maturity "0"] [accuracy "0"] [tag   
   "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag   
   "attack-generic"] [hostname "centos8.kifarunix-demo.com"] [uri "/index.html"]   
   [unique_id "158386776469.002836"]   
    [ref ""]Well, there you go. ModSecurity 3 or LibModSeceurity is now   
   installed, activated and protecting your site against web attacks.Feel free to   
   set up more rules as you wish and protect your web application.   
      
   This tutorial is going to show you how to install and use ModSecurity with   
   Nginx on Debian/Ubuntu servers. ModSecurity is the most well-known open-source   
   web application firewall (WAF), providing comprehensive protection for your   
   web applications (like    
   WordPress, Nextcloud, Ghost etc) against a wide range of Layer 7 (HTTP)   
   attacks, such as SQL injection, cross-site scripting, and local file inclusion.   
      
      
   libmodsecurrity is the ModSecurity library that actually does the HTTP   
   filtering for your web applications. On Debian 10 and Ubuntu 20.04, 22.04, you   
   can install it with sudo apt install libmodsecurity3, but I recommend you   
   compile the latest stable    
   version from the source.   
      
      
      
   Note that if you have multiple applications such as (WordPress, Nextcloud,   
   Drupal, etc) installed on the same server, then the above rule exclusions will   
   be applied to all applications. To minimize the security risks, you should   
   enable a rule exclusion    
   for one application only. To do that, go to the /etc/nginx/modse   
   /coreruleset-3.3.0/rules/ directory.   
      
   ModSecurity is a popular, free, open-source web application firewall used to   
   protect web applications against several types of attacks including SQL   
   injection, cross-site scripting, and local file inclusion. It is frequently   
   employed to protect websites,    
   cPanel, and other hosting control panels. While ModSecurity was primarily   
   designed for the Apache webserver, it can also work with the Nginx web server.   
    eebf2c3492   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)