Re: [mod-security-users] ModSec / CRS: Use of GeoIP & ASN information
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] ModSec / CRS: Use of GeoIP & ASN information
|
From: Christian F. <chr...@ne...> - 2022-10-20 13:49:51
|
Ah, sweet. Had forgotten about this. Thanks azurit! On Thu, Oct 20, 2022 at 03:27:22PM +0200, az...@po... wrote: > Hi! > > > One idea I’m toying with is creating an interstitial page similar to > > Cloudflare’s “Checking your browser..” page. For ASNs which are > > problematic it would be a bit safer to force someone to perform a > > hCaptcha or something check before they can get through to the intended > > site and set a cookie. I think this might be possible but a little bit > > difficult to create entirely using mod_security though, so I’m thinking > > about writing a new (and relatively simple) Apache module. I’d love to > > hear if someone has already done this! > > > My ModSecurity reCAPTCHA library may help you with this, check it out (needs > Lua support in ModSec): > https://github.com/azurit/modsecurity-recaptcha > > > azurit > > > > > > > Joel > > > > > On 19 Oct 2022, at 12:04 am, Christian Folini > > > <chr...@ne...> wrote: > > > > > > Hi there, > > > > > > During the years, I have found the use of GeoIP (& ASN) information in > > > #ModSecurity / @CoreRuleSet very useful. Yet very few people do > > > this for GeoIP and practically nobody for ASN. > > > > > > It really helps to weed out false positives or defend in case of certain > > > persistent attacks. > > > > > > Since good documentation on the subject is scare, here is how to get this > > > into your setup: > > > > > > https://www.netnea.com/cms/2022/10/12/using-geoip-information-together-with-modsecurity/(Also > > > covered in my 2nd webcast last week: > > > https://www.youtube.com/watch?v=OBVwdqEFmX0) > > > > > > I have also covered this in my 2nd ModSec / CRS webcast last week (plus some > > > additional interesting stuff): > > > https://www.youtube.com/watch?v=OBVwdqEFmX0 > > > > > > Best, > > > > > > Christian > > > > > > > > > -- > > > Ultimately, motivation gets us started, > > > but discipline and habit are what enable us to finish. > > > -- Matthew Helmke > > > > > > > > > _______________________________________________ > > > mod-security-users mailing list > > > mod...@li... > > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > > http://www.modsecurity.org/projects/commercial/rules/ > > > http://www.modsecurity.org/projects/commercial/support/ > > > > > > > > _______________________________________________ > > mod-security-users mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > http://www.modsecurity.org/projects/commercial/rules/ > > http://www.modsecurity.org/projects/commercial/support/ > > > > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
