Designing Security Cheat Sheet for Mod Security Firewall Tool
Sonti Likitha1, Korvi Raja Sekhar2, Pasumarthy Sudeep3
1Sonti Likitha, Security Analyst, eSF Labs Ltd., Tadepalli, Guntur (Andhra Pradesh), India.
2Dr. Korvi Raja Sekhar, Professor, Department of CSE, Koneru Lakshmaiah Education Foundation Deemed to be University, Vaddeswaram, Guntur (Andhra Pradesh), India.
3Pasumarthy Sudeep, M.Tech, 2nd Year Student, KLEF, Green Fields, Vaddeswaram, Guntur (Andhra Pradesh), India.
Manuscript received on 25 May 2019 | Revised Manuscript received on 03 June 2019 | Manuscript Published on 22 June 2019 | PP: 447-451 | Volume-8 Issue-3S, February 2019 | Retrieval Number: C10940283S19/19©BEIESP
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Web Application Firewall (WAF) is the security tool that acts as a shield for web applications and web application servers from various classes of attacks. WAF acts as a tool/scanner/interface between the server and web applications that provide inclusive protection by validating the constraints (restrictions) specified using ‘Sec Rules’ which are executed when that particular application is protecting by WAF. Providing protection to applications is one of the key aspects, as WAF can protect against a number of Application Layer Security threats which are usually not protected by numerous typical network layer tools like IDS, IPS & other categories of firewalls. Web applications can be easily attacked by hackers even with the presence of normal firewalls. This is due to the limitation that a normal firewall installed for network layer protection does not work for application layer security issues. Security cheat sheets are very popular for community developed by OWASP. They provide first hand information for developer/designer/analyst/administrator/any other who is part of security system. This paper addresses the cheat sheet for Mod Security web application firewall tool, which will be helpful for customizing new rules and also helps in designing the documentation part similar to Readme Text file of the tool.
Keywords: Application Security, Web Application, Web-Application Firewall, Mod Security, Cheat Sheet.
Scope of the Article: Security, Trust and Privacy