github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Moved api examples to "ext" dir and hooked them into autotools for building with "--enable-extentions".

Browse Source 
Upgraded to autoconf 2.65.
This commit is contained in:
b1v1r
2010-05-05 23:00:48 +00:00
parent cea87f4085
commit 8553cab4a7
17 changed files with 244 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
ext/README Normal file
View File

@@ -0,0 +1,72 @@
Custom ModSecurity Modules
--------------------------
This directory contains three examples how you can extend
ModSecurity without having to touch it directly, simply
by creating custom Apache modules.
NOTE: ModSecurity must be compiled with API support
to use this feature (the API is enabled by default,
but it will have been disabled if you used -DNO_MODSEC_API).
Building the Example Custom Modules
-----------------------------------
1) Example custom transformation function module
Module mod_tfn_reverse.c creates a custom transformation
function "reverse" that reverses the content it receives
on input.
# Compile as a normal user
apxs -I<MODSECURITY_SOURCE_CODE> -I/usr/include/libxml2 \
-ca mod_tfn_reverse.c
# Install as superuser
sudo apxs -i mod_tfn_reverse.la
2) Example custom operator module
Module mod_op_strstr.c creates a custom operator "strstr"
that implements fast matching using the Boyer-Moore-Horspool
algorithm.
# Compile as a normal user
apxs -I<MODSECURITY_SOURCE_CODE> -I/usr/include/libxml2 \
-ca mod_op_strstr.c
# Install as superuser
sudo apxs -i mod_op_strstr.la
3) Example custom target variable module
Module mod_var_remote_addr_port.c creates a custom variable "REMOTE_ADDR_PORT"
that combines the REMOTE_ADDR and REMOTE_PORT into a.b.c.d:port format.
# Compile as a normal user
apxs -I<MODSECURITY_SOURCE_CODE> -I/usr/include/libxml2 \
-ca mod_var_remote_addr_port.c
# Install as superuser
sudo apxs -i mod_var_remote_addr_port.la
Using the Modules
-----------------
Once the modules are built and installed, you load them like any other Apache module, but they must be loaded *after* the mod_security2.so module.
# Load ModSecurity
LoadModule security2_module modules/mod_security2.so
# Load ModSecurity custom modules
LoadModule tfn_reverse_module modules/mod_tfn_reverse.so
LoadModule op_strstr_module modules/mod_op_strstr.so
LoadModule var_remote_addr_port_module modules/mod_var_remote_addr_port.so
# All three custom var/op/tfn used
SecRule REMOTE_ADDR_PORT "@strstr 1.2.3.4:5678" "t:reverse"