Re: [mod-security-users] Can we use Modsecurity for server side validations
From: Christian B. <ch...@jw...> - 2009-12-12 14:19:27
Hi Gagan,

if I understood you right, then what you want is to white-list your input forms using ModSecurity. This is possible with ModSecurity and there have been several people working on things like this, e.g.

- REMO, which is a web-based editor for positive security models. It can be found at http://remo.netnea.com
- my ProfileEditor, which is an XML-based approach for white-listing (including an xml-to-secrules compiler). For a short overview on how to achieve your validation, have a look at https://secure.jwall.org/blog/2008/12/10/1228939459690.html

In addition there are some early-state projects on extracting positive security models automatically, such as

- ModProfiler (http://www.modsecurity.org/projects/modprofiler/)
- WebApplicationProfiler (http://www.jwall.org/web/profiler/)

NOTE: Please keep in mind that doing input-validation within the web-application firewall does not free you from doing validation within your application. Only relying on the WAF to validate inputs is not the right path to walk. (This, however, is my personal view.)

Regards,
Chris

On 12.12.2009 at 14:23, Gagan Bhatia wrote:

> Dear Mailing list
>
> Can we use modsecurity for the input validation screening in lieu of server side validation? If yes, what is the best practice to use it? I have got the regular expression patterns available for all the fields we would be accepting from the client side.
> Has anyone done it before? If yes, how can we deploy the same?
>
> Regards
> Gagan Bhatia
> =====-----=====-----=====
> Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
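As an added illustration of the per-field white-listing Chris describes (this is not from the thread, from REMO or from the ProfileEditor), a hand-written ModSecurity 2.x positive-security rule set for a hypothetical form handler at /login.php with the assumed fields username, password and submit; the patterns, IDs and path are placeholders to be replaced by the application's own field definitions:

```apache
# Added example (not from the thread): positive-security model for a
# hypothetical form at /login.php. ModSecurity 2.x syntax; t:none disables
# the default transformations so each pattern sees the URL-decoded argument.

# Apply this block only to the form handler; every other URL skips it.
SecRule REQUEST_FILENAME "!@streq /login.php" \
    "phase:2,t:none,nolog,pass,skipAfter:END_LOGIN_WHITELIST"

# Keep the password value out of the audit log even when a rule fires.
SecAction "phase:2,t:none,nolog,pass,sanitiseArg:password"

# The form is only ever submitted with POST.
SecRule REQUEST_METHOD "!@streq POST" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: unexpected method',id:900001"

# Each expected field must match its whitelist pattern (assumed patterns).
SecRule ARGS:username "!@rx ^[a-zA-Z0-9_.-]{3,32}$" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: username failed whitelist',id:900002"
SecRule ARGS:password "!@rx ^[\x20-\x7e]{8,64}$" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: password failed whitelist',id:900003"
SecRule ARGS:submit "!@streq Login" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: submit failed whitelist',id:900004"

# A pattern rule cannot fire on an absent field, so require exactly one
# occurrence of each mandatory parameter (&ARGS:name counts occurrences).
SecRule &ARGS:username "!@eq 1" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: username missing or duplicated',id:900005"
SecRule &ARGS:password "!@eq 1" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: password missing or duplicated',id:900006"

# Reject any parameter whose name is not part of the whitelist.
SecRule ARGS_NAMES "!@rx ^(username|password|submit)$" \
    "phase:2,t:none,deny,status:403,log,msg:'login form: unexpected parameter %{MATCHED_VAR}',id:900007"

SecMarker END_LOGIN_WHITELIST
```

The rules run in phase 2 (request body), so the form's own server-side checks still execute for anything the WAF lets through, which is the division of labour the reply above recommends.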