Collaborate Disseminate
Working on a rule to block traffic based on the starting character of ARGS_NAMES either cookie, get or post
Example allow
name=Joe
Example block
#name=Joe
Test rule that is not working
SecRule ARGS_NAMES “^(#.*)$” “p… Continue reading ModSecurity Block based on ARGS_NAMES starting character
In this blog post, we’ll go over how to elevate your web server SSL/TLS implementation, why it’s important, and how you can leverage our version 13.0 release for Imperva SecureSphere Web Application Firewall (WAF), available today, to achieve the desir… Continue reading Making the Grade: Achieve SSL Labs A+ Grade with Imperva WAF
Firewalls have traditionally been focused on network layer traffic. As attacks have evolved, however, they have climbed the ladder of the Open Systems Interconnection (OSI) model. Web Application Firewalls (WAFs) have developed as a result, not only to… Continue reading Web Application Firewalls: The Definitive Primer
I’m looking to build up some stats and tune my detection rules for my webservers. I’m struggling with one major issue, though. How can I run my ModSecurity rules against past requests based on my access/error logs?
An other … Continue reading How to test ModSecurity rules against access/error logs?
How can I use SQLMAP to run tests on a website with a WAF/IDS? Suppose I want to run something like this:
python sqlmap.py -u http://www.xxxxxxxxxxxxxx.com/standard.html&id=30 –dbs
How can I test against WAF/IDs in th… Continue reading Bypass WAF/IDS with SQLMAP? [closed]
Hannes Rapp is an Independent F5 Engineering Consultant focusing on BIG-IP ASM and LTM. According to Hannes, ‘if you combine these two modules, you have the best of F5 product portfolio. One without another is incomplete BIG-IP.’ He’s… Continue reading DevCentral’s Featured Member for March – Hannes Rapp
It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining malware is quickly becoming attackers’ favorite modus … Continue reading New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks
There is a great scene in the movie Victor, Victoria, where the character played by James Garner decides it’s time to mix things up a bit. So, he strolls into an old gritty bar wearing a tuxedo, walks up to the bartender, and orders milk. Within… Continue reading Orchestrating Flows for Cyber
Can someone give me some guidelines about building a WAF?
I think I just need Nginx Reverse Proxy with Naxsi or ModSecurity. As far as I know Cloudflare is using too. Why not using my own WAF instead of Cloudflare?
In part one of this blog series we discussed how there is oftentimes a lack of knowledge when it comes to infrastructure technology and knowhow in the relevant DevOps teams. This is not what was intended when “Agile” moved from being a pur… Continue reading Marrying the Business Need With Technology, Part 3: Re-aggregating the Tools