
Debian icin ModSecurity kurulumu

apt-get install libapache2-mod-security

vi /etc/apache2/mods-available/mod-security.conf

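# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
# SecFilterEngine DynamicOnly
# Turn the filtering engine On or Off
#
# NOTE(review): every SecFilter* directive in this file is ModSecurity 1.x
# syntax. ModSecurity 2.x and later replaced these directives with SecRule and
# no longer accept them, so confirm which module version the installed
# libapache2-mod-security package provides before relying on this file.
# All quoted arguments must use plain ASCII double quotes; typographic quotes
# copied from a web page are not parsed as quotes by Apache.
SecFilterEngine On

# Reject requests with status 404
# (deny + log: a blocked request is written to the audit log and the client
# only sees a generic "not found")
SecFilterDefaultAction "deny,log,status:404"

# Some sane defaults
SecServerResponseToken Off

# POST bodies are not scanned with this setting, so filters on ARGS in the
# included rule file presumably only see query-string parameters; switch this
# to On if POST data has to be inspected too (verify against the manual).
SecFilterScanPOST Off
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off

# If you want to scan the output, uncomment these
# SecFilterScanOutput On
# SecFilterOutputMimeTypes "(null) text/html text/plain"

# Accept almost all byte values (the range 1-255 only rejects the NUL byte, 0)
SecFilterForceByteRange 1 255

# Only record the interesting stuff
SecAuditEngine RelevantOnly
SecAuditLog /var/log/apache2/audit_log

# You normally won't need debug logging
SecFilterDebugLevel 0
SecFilterDebugLog /var/log/apache2/modsec_debug_log

# Include rules
Include /etc/apache2/modsecurity/filter.conf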



Kurallari, Include ile eklemis oldugumuz dosyanin icine yazacagiz; bunun icin:

mkdir /etc/apache2/modsecurity/

vi /etc/apache2/modsecurity/filter.conf

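#
# ---------------------------------------------------------------------------
#
# Start Rules (Generic)
#
# ---------------------------------------------------------------------------
#
# NOTE(review): all directives in this file use ModSecurity 1.x syntax
# (SecFilter / SecFilterSelective). ModSecurity 2.x and later replaced them
# with SecRule and no longer accept them, so confirm the installed module
# version first. Every quoted argument must be a plain ASCII double quote;
# typographic quotes break parsing. These are pattern-based signatures and
# will produce false positives on legitimate input -- watch the audit log
# after enabling them and tune before exposing a production site.

# Enforce proper HTTP requests
SecFilterSelective THE_REQUEST "!HTTP\/(0\.9|1\.0|1\.1)$"

# check for bad meta characters in User-Agent field (a single quote anywhere)
SecFilterSelective HTTP_USER_AGENT ".*\'"

# Require Content-Length to be provided with every POST request
# (the two directives are chained: the default action fires only when both match)
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

# Don't accept transfer encodings we know we don't handle (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$"

# Don't accept chunked encodings
SecFilterSelective HTTP_Transfer-Encoding "chunked"

# must have a useragent string (and a Host header)
SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

# Again, this is better protected by removing these functions in php.ini
# NOTE(review): with SecFilterScanPOST Off in mod-security.conf this ARGS
# filter presumably only sees query-string parameters, not POST bodies.
SecFilterSelective ARGS "(system|exec|passthru|popen|shell_exec|proc_open|fopen|fwrite)\s*\("

# Prevent path traversal (..) attacks
SecFilter "\.\./"

# generic recursion signature
SecFilterSelective THE_REQUEST "\.\./\.\./"

# generic attack sig
SecFilterSelective THE_REQUEST "cd\x20*\;(cd|\;|echo|perl|python|rpm|yum|apt-get|emerge|lynx|links|mkdir|elinks|cmd|pwd|wget|id|uname|cvs|svn|(s|r)(cp|sh)|rexec|smbclient|t?ftp|ncftp|curl|telnet|gcc|cc|g\+\+|\./)"

# generic filter to prevent SQL injection attacks
SecFilter "[[:space:]]+(select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|*| |\,]+[[:space:]]+(from|into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|*| |\,]"

# generic PHP remote file inclusion attack (three chained filters, all must match)
SecFilter "\.php\?" chain
SecFilter "(http|https|ftp)\:/" chain
SecFilter "cmd=(cd|\;|perl|python|rpm|yum|apt-get|emerge|lynx|links|mkdir|elinks|cmd|pwd|wget|id|uname|cvs|svn|(s|r)(cp|sh)|rexec|smbclient|t?ftp|ncftp|curl|telnet|gcc|cc|g\+\+|\./)"

# generic sig for more bad PHP functions
SecFilterSelective THE_REQUEST "chr\(([0-9]{1,3})\)"
SecFilterSelective THE_REQUEST "chr\([0-9a-fA-Fx]+\)"

# SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"

# SQL injection in cookies
# (the character class is kept identical to the generic SQL filter above,
# i.e. it includes a space, so column lists such as "a, b" are matched too)
SecFilterSelective COOKIE_sessionid ".*(select|grant|delete|insert|drop|do|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|*| |\,]+[[:space:]]+(from|into|table|database|index|view)"

# ---------------------------------------------------------------------------
# Start Rules (experimental)
# ---------------------------------------------------------------------------

# experimental generic remote download sig foo IP or FQDN or foo http/https/ftp://whatever
SecFilterSelective THE_REQUEST "(perl|t?ftp|links|elinks|lynx|ncftp|(s|r)(cp|sh)|wget|curl|cvs|svn).*\x20((http|https|ftp)\:/|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|.*[A-Za-z|0-9]\.[a-zA-Z]{2,4}/)"

SecFilterSelective THE_REQUEST "( |\;|/|\'|,|\&|\=|\.)((s|r)(sh|cp)) *(.*@.*|(http|https|ftp)\:/|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|.*[A-Za-z|0-9]\.[a-zA-Z]{2,4}/)"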

En son olarak mod-security modulunu aktif edip Apache'yi yeniden calistiralim.

a2enmod mod-security

/etc/init.d/apache2 restart
Su URL'yi kendi internet gezgininizden cagirip Apache error.log'larini inceleyin:

http://deineDomain.de/?query="insert into users (id, name) values (1,'stefan')"

ModSecurity calisiyor ise bunu loglardan kontrol edebilirsiniz. Ayriyeten sayfa bulunamadi seklinde 404 hatasi verilir.


