ModSecurity is an open-source web application firewall (WAF) that you can use with IIS, Nginx and Apache.
First, log in as root:
root@debian:~# apt update
root@debian:~# apt install apache2
root@debian:~# apt install libapache2-mod-security2
root@debian:~# systemctl restart apache2
root@debian:/etc/modsecurity# cp modsecurity.conf-recommended modsecurity.conf
root@debian:/etc/modsecurity# nano modsecurity.conf
SecRuleEngine DetectionOnly -> SecRuleEngine On (blocking mode: requests that match the rules are denied)
For detection mode only (matches are logged but not blocked) -> SecRuleEngine DetectionOnly
/etc/apache2/sites-enabled/*.conf
/etc/modsecurity/modsecurity.conf

root@debian:/etc/modsecurity# systemctl restart apache2
(The clone below takes the repository's default branch; on a production server, check out a tagged Core Rule Set release instead.)
root@debian:/etc/modsecurity# git clone https://github.com/coreruleset/coreruleset.git
root@debian:/etc/modsecurity# cd coreruleset
root@debian:/etc/modsecurity/coreruleset# mv rules/ ../
root@debian:/etc/modsecurity/coreruleset# mv crs-setup.conf.example crs-setup.conf
root@debian:/etc/modsecurity/coreruleset# mv crs-setup.conf ../
root@debian:/etc/modsecurity# nano /etc/apache2/mods-enabled/security2.conf
LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
LoadModule unique_id_module /usr/lib/apache2/modules/mod_unique_id.so
<IfModule security2_module>
    Include /etc/modsecurity/*.conf
    Include /etc/modsecurity/rules/*.conf
</IfModule>
root@debian:/etc/modsecurity# systemctl restart apache2
root@debian:/etc/modsecurity# apachectl -M

root@debian:/etc/modsecurity# nano /etc/apache2/sites-enabled/000-default.conf
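root@debian:/etc/modsecurity# systemctl restart apache2
root@debian:/etc/modsecurity# curl localhost
root@debian:/etc/modsecurity# curl localhost?test=/../../../../../etc/shadow
With SecRuleEngine On and the Core Rule Set loaded, the first request should still return the default page, while the second should be denied (HTTP 403) and recorded in the audit log configured by SecAuditLog in modsecurity.conf. If both requests succeed, the rules are not being loaded or the engine is still in DetectionOnly mode.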

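Web application firewalls protect your applications from most attacks. You can configure your WAF to reduce false positives; running in DetectionOnly mode first and reviewing the logged matches is the usual way to tune the rules before switching to blocking. A WAF is an additional layer of defence and does not replace fixing vulnerabilities in the application itself. If you're a bug hunter, you can also set up your own WAF to try to find bypass methods. Stay secure!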