ModSecurity 2.5

ModSecurity 2.5
eBook: $29.99
Formats: PDF, PacktLib, ePub and Mobi formats
save 15%!
Print + free eBook + free PacktLib access to the book: $79.98    Print cover: $49.99
save 37%!
Free Shipping!
UK, US, Europe and selected countries in Asia.
Also available on:
Table of Contents
Sample Chapters
  • Secure your system by knowing exactly how a hacker would break into it
  • Covers writing rules in-depth and Modsecurity rule language elements such as variables, actions, and request phases
  • Covers the common attacks in use on the Web, and ways to find the geographical location of an attacker and send alert emails when attacks are discovered
  • Packed with many real-life examples for better understanding

Book Details

Language : English
Paperback : 280 pages [ 235mm x 191mm ]
Release Date : November 2009
ISBN : 1847194745
ISBN 13 : 9781847194749
Author(s) : Magnus Mischel
Topics and Technologies : All Books, Networking and Servers, Security and Testing, Linux Servers, Open Source
Sorry, the table of contents for this book is not yet available.

Magnus Mischel

Computer security expert Magnus Mischel is the founder and director of Mischel Internet Security, whose product TrojanHunter helps protect computers from malware. He currently lives in London, and when he isn't writing books or managing the company, he enjoys playing a game of chess at the Metropolitan Chess Club. He holds an MSc in Computer Science and Engineering from Linköping University, Sweden.

Code Downloads

Download the code and support files for this book.

Submit Errata

Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.


- 3 submitted: last submission 02 Aug 2013

Errata type: Others | Page number: 0

There are a few examples used in this book which were taken from public examples created by Ryan Barnett.


Errata type: Typo | Page number: 105

Header in Chapter 5 says Chapter 9. It should be Chapter 5.


Errata type: Code | Page number: 38

The second line of the example code is: SecRule &REQUEST_HEADER:User-Agent "@eq 0" but it should be SecRule &REQUEST_HEADERS:User-Agent "@eq 0"


Sample chapters

You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.

Frequently bought together

ModSecurity 2.5 +    Responsive Web Design by Example =
50% Off
the second eBook
Price for both: £24.65

Buy both these recommended eBooks together and get 50% off the cheapest eBook.

What you will learn from this book

  • Compile ModSecurity from source and install it on a Linux system
  • Log any anomalous event and use the ModSecurity console to view log data online so that attempted break-ins can be quickly discovered and dealt with
  • Learn how a recent worm disabled Twitter and how it could have been stopped using ModSecurity
  • Guard against web site defacement by having ModSecurity scan for unauthorized changes to your web pages then alert you about issues via email.
  • Locate the geographical position of an attacker using ModSecurity applications
  • Know how attackers operate by learning about SQL injection, cross-site scripting attacks, cross-site request forgeries, null byte attacks, and many more
  • Put Apache in a chroot jail using ModSecurity – no more frustrating hours of tinkering to get everything working as it should
  • Prevent HTTP fingerprinting by flying your Apache server under a false flag
  • Protect against newly discovered vulnerabilities that don't have a vendor-supplied patch, using ModSecurity "just-in-time" patching
  • Prevent the source code of your web application being shown to the world if something goes wrong with your server configuration
  • Discover the real IP address of an attacker using ModSecurity, even if the attacker is behind a proxy server

In Detail

With more than 67% of web servers running Apache and web-based attacks becoming more and more prevalent, web security has become a critical area for web site managers. Most existing tools work on the TCP/IP level, failing to use the specifics of the HTTP protocol in their operation. Mod_security is a module running on Apache, which will help you overcome the security threats prevalent in the online world.

A complete guide to using ModSecurity, this book will show you how to secure your web application and server, and does so by using real-world examples of attacks currently in use. It will help you learn about SQL injection, cross-site scripting attacks, cross-site request forgeries, null byte attacks, and many more so that you know how attackers operate.
Using clear, step-by-step instructions this book starts by teaching you how to install and set up ModSecurity, before diving into the rule language with examples. It assumes no prior knowledge of ModSecurity, so as long as you are familiar with basic Linux administration, you can start to learn right away.

Real-life case studies are used to illustrate the dangers on the Web today – you will for example learn how the recent worm that hit Twitter works, and how you could have used ModSecurity to stop it in its tracks. The mechanisms behind these and other attacks are described in detail, and you will learn everything you need to know to make sure your server and web application remain unscathed on the increasingly dangerous web. Have you ever wondered how attackers figure out the exact web server version running on a system? They use a technique called HTTP fingerprinting, and you will learn about this in depth and how to defend against it by flying your web server under a "false flag".

The last part of the book shows you how to really lock down a web application by implementing a positive security model that only allows through requests that conform to a specific, pre-approved model, and denying anything that is even the slightest bit out of line.

Stop hackers cold before they get a chance to break into your web application, steal your confidential data, and bring your business to a grinding halt


This book teaches ModSecurity from the beginning to anyone with basic Linux skills. It starts by focusing on introducing ModSecurity, and explaining the concept of ModSecurity rules and how to write them. Later, it looks at the performance of ModSecurity and what sort of impact ModSecurity has on the speed of your web application.

Who this book is for

This book is written for system administrators or anyone running an Apache web server who wants to learn how to secure that server. It assumes that you are familiar with using the Linux shell and command-line tools, but does its best to explain everything so that those who are not Linux experts can make full use of ModSecurity.

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software