ModSecurity Handbook [Paperback]

Ivan Ristic

List Price: CDN$ 56.13
Price: CDN$ 53.02 & FREE Shipping. Details
You Save: CDN$ 3.11 (6%)

Book Description

March 15 2010
ModSecurity Handbook is the definitive guide to ModSecurity, a popular open source web application firewall. Written by Ivan Ristic, who designed and wrote much of ModSecurity, this book will teach you everything you need to know to monitor the activity on your web sites and protect them from attack.

Situated between your web sites and the world, web application firewalls provide an additional security layer, monitoring everything that comes in and everything that goes out. They enable you to perform many advanced activities, such as real-time application security monitoring, access control, virtual patching, HTTP traffic logging, continuous passive security assessment, and web application hardening. They can be very effective in preventing application security attacks, such as cross-site scripting, SQL injection, remote file inclusion, and others. Considering that most web sites today suffer from one problem or another, ModSecurity Handbook will help anyone who has a web site to run.

The topics covered include:
- Installation and configuration of ModSecurity
- Logging of complete HTTP traffic
- Rule writing, in detail
- IP address, session, and user tracking
- Session management hardening
- Whitelisting, blacklisting, and IP reputation management
- Advanced blocking strategies
- Integration with other Apache modules
- Working with rule sets
- Virtual patching
- Performance considerations
- Content injection
- XML inspection
- Writing rules in Lua
- Extending ModSecurity in C

The book is suitable for all reader levels: it contains step-by-step installation and configuration instructions for those just starting out, as well as detailed explanations of the internals and discussion of advanced techniques for seasoned users. The official ModSecurity Reference Manual is included in the second part of the book. A digital version is available.

For more information and to access the online companion, go to www.modsecurityhandbook.com

About the Author

Ivan Ristic is a respected security expert and author, known especially for his contribution to the web application firewall field and the development of ModSecurity, the open source web application firewall. He is also the author of Apache Security, a comprehensive security guide for the Apache web server. A frequent speaker at computer security conferences, Ivan is an active participant in the application security community, a member of the Open Web Application Security Project, and an officer of the Web Application Security Consortium.


Customer Reviews

There are no customer reviews yet on Amazon.ca
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.8 out of 5 stars (8 reviews)
1 of 1 people found the following review helpful
5.0 out of 5 stars Comprehensive guide for securing web applications Sept. 22 2010
By Emre Sevinc - Published on Amazon.com
Format: Paperback | Verified Purchase
I'm very new to ModSecurity and I found the guide to be very useful as a beginner. The book's pacing is very good, starting with basics, not assuming the reader to be an expert and slowly going to great depths and advanced levels. Previously I was just installing ModSecurity plus the core rule set without much understanding; now I have the guide to explain to me why I did what I did. I wish that the Lua chapter was a little bit longer and included more examples, but I think there is no room for big complaints overall. I have marked lots of pages and I'm keeping the book at my desk for daily web application security testing and configuration tasks. Finally, the chapter about virtual patching was an eye-opener for me.
1 of 1 people found the following review helpful
5.0 out of 5 stars Complete and authoritative June 22 2010
By Amazon Customer - Published on Amazon.com
Format: Paperback
I've finally finished reading Ivan Ristic's new book, mod_security handbook, published by Feisty Duck. Ivan is the brain behind mod_security. By the way, if you're not using mod_security on your Apache server, you should be. And this is the book to tell you how to use it.

Ivan sent me a few early releases of the book, and about a month ago I received the first print edition.

This book is what you've been waiting for if you use mod_security. (And, as I mentioned, if you're not using it, you should be.) The documentation for mod_security has long been frustrating. Even where it was complete and informative, you just didn't know where to start.

This book is where to start.

The first 2/3 of the book is written in tutorial fashion, walking you through tasks from installation to complex scripting. Chapter 6 gives a great description of writing rules, and Chapter 9 gives numerous practical examples which flesh out what goes before. I always learn best by example, so these examples and the accompanying explanations make the earlier academic learning more meaningful to me.

Chapter 8 is about persistent storage of data. I've long been interested in this area of mod_security, and have had many times when I needed it and didn't understand the docs on it. Ivan makes it much clearer than I've seen it presented before. I'll be looking back at this the next time the need arises to do this kind of thing.

The last third of the book is the reference manual. I'm a big fan of having the reference manual in printed format, although it does run the risk of being out of date quickly.

This book is constantly updated, so you can always obtain the latest version. However, it's unlikely that I'll be buying a new paper book each time there's a new release of mod_security. This book is also available in electronic format, and if you buy the ebook, you get updates to it as part of your purchase price. That's pretty cool.

On the whole, this book is a long-awaited resource, and is very well written, by the person who knows the topic best. Highly recommended. You should go get a copy right away.
2 of 3 people found the following review helpful
5.0 out of 5 stars Book Review: ModSecurity Handbook June 10 2010
By Russ McRee - Published on Amazon.com
Format: Paperback
Published as the inaugural offering from Ristic's own Feisty Duck, the ModSecurity Handbook is an important read for ModSecurity fans and new users alike. Need I remind you, Ristic developed ModSecurity, the web application firewall, in 2002 and remains involved in the project to this day.
This book is a living entity as it is continually updated digitally; your purchase includes 1 year of digital updates. Ristic also wants to know what you think and will incorporate updates and feedback if relevant.

While the ModSecurity Handbook covers v2.5 and beyond, Ristic's is "the only ModSecurity book on the market that provides comprehensive coverage of all features, including those features that are only available in the development repository."
ModSecurity Handbook offers detailed technical guidance and is rules-centric in its approach including configuration, writing, rules sets, and Lua. Your purchase even includes a digital-only ModSecurity Rule Writing Workshop.

Chapter 10 is dedicated to performance as proper tuning is essential to success with ModSecurity without web application performance degradation.
That said, the highlight of this excellent read for your reviewer was Chapter 8, covering Persistent Storage.
ModSecurity persistent storage is, for all intents and purposes, a free-form database that helps you:
* Track IP address and session activity, attack, and anomaly scores
* Track user behavior over a long period of time
* Monitor for session issues including hijacking, inactivity timeouts and absolute life span
* Detect denial of service and brute force attacks
* Implement periodic alerting

Following the applied persistence model, I found periodic alerting most interesting and useful. From pg. 126, "Periodic alerting is a technique useful in the cases when it is enough to see one alert about a particular situation, and when further events would only create clutter. You can implement periodic alerting to work once per IP address, session, URL, or even an entire application."
This is the ModSecurity equivalent of a Snort IDS rule header pass action, useful when internal vulnerability scanners might cause an excess of alerts.
ModSecurity rules that perform passive vulnerability scanning might detect traces of vulnerabilities in output, and alert on them. Periodic alerting would thus only alert once when configured accordingly.
As an example, perhaps you are aware of minor issues that are important to be aware of, but do not require an alert on every web server hit.
Making use of the GLOBAL collection, ModSecurity Handbook's example would translate the scenario above by following a chained rule match and defining a variable, thus telling you if an alert has fired previously. The presence of the variable indicates that an alert shouldn't fire again for a rule-defined period of time. In concert with expiration and counter resets, it is ensured that a rule will warn you only once in your preferred period of time but still log as you see fit too.
Useful, right?

ModSecurity Handbook and Ristic's Apache Security are must-reads for web application security administrators and architects, but will not leave those who need step-by-step instructions at a loss.
Trust me when I say, all you need to harden your web presence with ModSecurity is at your fingertips with the ModSecurity Handbook.
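The periodic-alerting pattern the review describes, written out as ModSecurity 2.x configuration. This is an added example, not a rule from the book or from the ModSecurity project: the rule ids, the 3600-second window, the data directory path and the detection pattern (a raw MySQL error string leaking into a response body, which is what passive output scanning would look for) are all choices made here for illustration.

```apache
# Added example of periodic alerting with the GLOBAL collection (ModSecurity 2.x).
# Rule ids, the one-hour window, the data directory and the detection pattern are
# assumptions chosen for this example, not values taken from the book.

# Persistent collections are stored on disk, so a writable data directory is required.
SecDataDir /var/lib/modsecurity/data

# Phase 4 rules can only inspect the response body if buffering is enabled.
SecResponseBodyAccess On

# Initialise the single, site-wide GLOBAL collection on every transaction.
SecAction "id:9001,phase:1,nolog,pass,initcol:global=global"

# Passive scanning: a database error leaking into a page is worth one alert,
# not one alert per hit. The first rule carries the message and logging, but
# because it is chained the alert fires only if the second rule also matches.
SecRule RESPONSE_BODY "@rx (?i)you have an error in your sql syntax" \
    "id:9002,phase:4,pass,log,chain,\
    msg:'Database error message leaked in response (reported at most once per hour)'"
    # The marker variable is absent (count 0) only when no alert fired in the window.
    # On match we set it and give it a one-hour lifetime; once it expires the
    # count drops back to 0 and the next leak is reported again.
    SecRule &GLOBAL:db_error_alerted "@eq 0" \
        "setvar:global.db_error_alerted=1,\
        expirevar:global.db_error_alerted=3600"
```

The same shape works per client or per session rather than site-wide: initialise the IP collection with `initcol:ip=%{REMOTE_ADDR}` (or the SESSION collection with `setsid`) and key the marker on `IP:db_error_alerted` instead of the GLOBAL variable, which gives the "once per IP address, session, URL" variants the quoted passage mentions.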
1 of 2 people found the following review helpful
5.0 out of 5 stars A Must-Have Book for Anybody Serious about WAF and ModSecurity April 26 2010
By Andrew Ward - Published on Amazon.com
Format: Paperback
Ivan Ristic has once again delivered another gem for both the security industry and open source community! In particular, I like the following about this book: 1) it is well organized into sections that match your activities - implementation, configuration, management; 2) it includes a comprehensive section on rules, which is where your ongoing effort will be with ModSecurity; and 3) this is a "living" book in that the author periodically updates the work based upon feedback and lessons learned. In particular, this last feature is really cool. This book continues to evolve and you'll get the electronic updates when new versions are released by the author. In fact, I got my first update this weekend! As the Sr. Product Manager of a service provider that is leveraging ModSecurity for its WAF solution, I advise that if you are at all serious about deploying ModSecurity, then this is the book you should own.
1 of 2 people found the following review helpful
5.0 out of 5 stars This Book Is a Win April 23 2010
By dune73 - Published on Amazon.com
Format: Paperback
Finally, there is a concise overview of ModSecurity from the main developer of the module. The official documentation of ModSecurity falls short in the rule writing area. And this is where this book excels. More than half of the text of this book is dedicated to rule writing. Here, the author takes you by the hand and explains rule writing in the form of a tutorial (this tutorial extends far beyond the chapter with that name).

AFAIK, this is the first publication that discusses ModSecurity persistent storage thoroughly. And this is clearly more information than what was ever published via mailing lists, blog posts or via the ModSecurity website.

It is true that the English is very technical and not always up to literary standards. Who cares? This book earns all the 5 stars Amazon has to offer.