Installing and configuring ModSecurity in a Microsoft IIS environment


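With the ModSecurity MSI installer for IIS, the ModSecurity web server hardening tool can also be used on Microsoft IIS.

Below is how to install and configure ModSecurity on IIS. If you want to use ModSecurity on IIS, I hope this serves as a useful reference.

Also, on top of the items that must be installed beforehand to install ModSecurity, .NET Framework is additionally required. (For your reference.)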

 

Installation for Microsoft IIS

The source code of ModSecurity's IIS components is fully published and the binary building process is described (see mod_security/iis/winbuild/howto.txt). For quick installation, it is highly recommended to use the standard MSI installer available from the SourceForge files repository of the ModSecurity project, or to use the binary package and follow the manual installation steps.

Manually Installing and Troubleshooting Setup of ModSecurity Module on IIS

Prerequisites

Before installing ModSecurity one has to install Visual Studio 2010 Runtime:

Installation Steps

Download binary package and unzip the content to a separate folder:

The installation process of ModSecurity module on IIS consists of three parts:


1. Copying of binaries: copyfiles.bat
The following binary files are required by ModSecurity module and by default should be copied to %windir%\system32\ (32-bit binaries) and/or %windir%\SysWOW64\ (64-bit binaries):
  • libapr-1.dll
  • libapriconv-1.dll
  • libaprutil-1.dll
  • libxml2.dll
  • lua5.1.dll
  • ModSecurityIIS.dll
  • pcre.dll
  • zlib1.dll
The mlogc tool can be copied to any place, together with libcurl.dll:
  • libcurl.dll
  • mlogc.exe


2. Registering of the module: register.bat
An IIS module must be properly registered before it can be used by web applications. The following command, executed in %windir%\system32\inetsrv, performs the registration:
appcmd.exe install module /name:ModSecurityIIS /image:%windir%\system32\inetsrv\modsecurityiis.dll
The registration process itself is described with details in the following articles:


3. Extending of the configuration schema.
The last step extends the IIS configuration schema with ModSecurity entities, using the ModSecurity.xml file provided in the binary package and the iisschema.exe tool:
iisschema.exe /install ModSecurity.xml
More information about the tool and this step is available here:

Configuration

After installation, the module runs in all websites by default. To remove it from a website, add to web.config:
<modules>
    <remove name="ModSecurityIIS" />
</modules>
To configure the module in a website, add to web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <ModSecurity enabled="true" configFile="c:\inetpub\wwwroot\xss.conf" />
    </system.webServer>
</configuration>
where configFile is a standard ModSecurity config file.


Events from the module will show up in the "Application" Windows log.

Common Problems

If, after installation, the protected website responds with an HTTP 503 error and event ID 2280 keeps getting logged in the application event log:
Log Name:      Application
Source:        Microsoft-Windows-IIS-W3SVC-WP
Event ID:      2280
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Description:
The Module DLL C:\Windows\system32\inetsrv\modsecurityiis.dll failed to load.  The data is the error.

most likely it means that the installation process has failed and the ModSecurityIIS.dll module is missing one or more libraries that it depends on. Repeating installation of the prerequisites and the module files should fix the problem. The Dependency Walker tool can be used to figure out which library is missing or cannot be loaded.
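
A pre-flight check for the failure described above, as an added example that is not part of the original post or the ModSecurity project: it confirms that the files from step 1 exist in the default directories, that the module image from step 2 is present and registered, and lists recent event ID 2280 entries. The helper name Get-MissingModSecurityFile is hypothetical, and the paths are the defaults named on this page.

```powershell
# Added example (not ModSecurity project code). Run from an elevated 64-bit
# PowerShell prompt: a 32-bit process sees system32 redirected to SysWOW64.
$required = 'libapr-1.dll', 'libapriconv-1.dll', 'libaprutil-1.dll', 'libxml2.dll',
            'lua5.1.dll', 'ModSecurityIIS.dll', 'pcre.dll', 'zlib1.dll'

# Hypothetical helper: names from $required that are absent from $Directory.
function Get-MissingModSecurityFile {
    param([string]$Directory)
    $required | Where-Object {
        -not (Test-Path -LiteralPath (Join-Path $Directory $_) -PathType Leaf)
    }
}

# Step 1: the default copy targets named on this page.
foreach ($dir in "$env:windir\system32", "$env:windir\SysWOW64") {
    if (-not (Test-Path -LiteralPath $dir)) { continue }  # no SysWOW64 on 32-bit Windows
    $missing = @(Get-MissingModSecurityFile -Directory $dir)
    if ($missing.Count -gt 0) {
        "{0}: missing {1}" -f $dir, ($missing -join ', ')
    } else {
        "{0}: all {1} files present" -f $dir, $required.Count
    }
}

# Step 2: the image path given to appcmd must exist, and the module must be listed.
$inetsrv = "$env:windir\system32\inetsrv"
$image   = Join-Path $inetsrv 'modsecurityiis.dll'
"Module image present: {0}" -f (Test-Path -LiteralPath $image -PathType Leaf)
$appcmd = Join-Path $inetsrv 'appcmd.exe'
if (Test-Path -LiteralPath $appcmd) {
    $listed = & $appcmd list modules | Select-String -SimpleMatch 'ModSecurityIIS'
    "Module registered: {0}" -f ([bool]$listed)
}

# Recent load failures: event ID 2280 entries that name the module DLL.
$filter = @{ LogName = 'Application'; Id = 2280
             ProviderName = 'Microsoft-Windows-IIS-W3SVC-WP' }
Get-WinEvent -FilterHashtable $filter -MaxEvents 20 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like '*modsecurityiis.dll*' } |
    Select-Object -Property TimeCreated, Id, Message -First 5 | Format-List
```

A file reported as present can still fail to load if one of its own dependencies is missing, so a clean result here does not replace the dependency check described above.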

 

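On top of the above, there is also an MSI installer file, as shown below..;; I went through all that trouble for nothing;;

It would be worth trying the installation with the file below as well.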

 

ModSecurityIIS_2.7.0-rc3.zip

 

After installation, refer to the site below for configuration.

http://blogs.technet.com/b/srd/archive/2012/07/26/announcing-the-availability-of-modsecurity-extension-for-iis.aspx

And