Re: [mod-security-users] ModSecurity plugin with client certificates
From: Ryan B. <Rya...@Br...> - 2007-07-09 12:05:47

Yes, ModSecurity can be installed on an Apache server that is doing SSL + Client certificate auth. You are asking about two different things however - encryption and authentication. SSL encryption does not affect Mod when running embedded as the decryption happens at a lower level. The data is already decrypted by the time Apache passes it off to Mod in phase:1 - post-ready-request.

Now for SSL client cert authentication, that would happen at a later Apache request phase hook (access control). If you moved all of the Mod security rules to run in phase:2 or later, then you would have the SSL decryption and access control execute before Mod took any action.

--
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application Security Training
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

________________________________
From: mod...@li... [mailto:mod...@li...] On Behalf Of Erwin Geirnaert
Sent: Monday, July 09, 2007 6:41 AM
To: mod...@li...
Subject: [mod-security-users] ModSecurity plugin with client certificates

Hi list,

Before I start playing with this, I'd rather ask the list of experts:

Can ModSecurity be configured as a plugin for Apache after successful SSL authentication using client certificates? In this scenario it is difficult to use mod_proxy because information from the client certificate is required in the local PHP application, but would ModSecurity be able to inspect HTTP traffic after decryption? (I assume yes)

Any additional things or configuration issues that might be required?

Thank you,

Erwin
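
Added example, not part of the original thread and not configuration from either poster: a minimal Apache virtual host sketching the arrangement the reply describes, with client certificate verification enforced per location and every ModSecurity rule placed in phase:2. The host name, file paths, rule id and rule pattern are constructed placeholders, and the syntax assumes ModSecurity 2.x with mod_ssl.

```apache
# Constructed example: host name, paths, rule id and pattern are placeholders.
<VirtualHost *:443>
    ServerName app.example.test

    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key
    # CA that issued the client certificates.
    SSLCACertificateFile  /etc/apache2/ssl/client-ca.crt

    <Location /app>
        # Per-location client certificate requirement. mod_ssl enforces this
        # in Apache's access control hook, which runs after ModSecurity phase:1.
        SSLVerifyClient require
        SSLVerifyDepth  2
        # Export the SSL_CLIENT_* variables so the local PHP application
        # can read the certificate details without a proxy hop.
        SSLOptions +StdEnvVars
    </Location>

    SecRuleEngine On
    SecRequestBodyAccess On

    # Rules inherit phase:2, so they run only after TLS decryption and
    # after access control has accepted the client certificate.
    SecDefaultAction "phase:2,log,auditlog,deny,status:403"

    # A rule left in phase:1 would still see decrypted data, but would fire
    # before the per-location certificate check has happened:
    # SecRule REQUEST_URI "/etc/passwd" "id:1000000,phase:1,deny,status:403"

    # Same check in phase:2, applied to the URI and all request arguments.
    SecRule REQUEST_URI|ARGS "/etc/passwd" \
        "id:1000001,phase:2,t:urlDecodeUni,msg:'Constructed sample rule'"
</VirtualHost>
```

If `SSLVerifyClient require` is set at the virtual host level instead, the certificate is checked during the TLS handshake, before any request phase, so the ordering question only arises for per-directory or per-location requirements.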