Maarten Balliauw

Maarten Balliauw

Loves web and HTTP, C#, Kotlin, Azure and application performance. Developer Advocate at JetBrains. Frequent speaker at and organizer of various community events. Likes brewing his own beer.

Munin PHP based mod_security

Edit on GitHub

Today, I discovered a nice PHP thing: Munin. This is a PHP version of Apache mod_security, allowing it to be run on IIS too. Munin performs rule based checks on HTTP headers, get and post data, ... The standard rule set disallows some things like path traversal and possible fopen() attacks.

In addition to these rulesets, one should add some more for filtering out SQL injection attacks, cross-site script loading, ... These things should already be covered in your code, but an extra filter at the front door is always nice.

You also get a nice control panel in which you can check rules that have matched and thus might indicate possible misuse of your website. You can also manage rules in this front-end.

This is an imported post. It was imported from my old blog using an automated tool and may contain formatting errors and/or broken images.

Leave a Comment

avatar

0 responses

    You May Also Enjoy

    Test-Driving Windows 11 Dev Drive for .NET

    At Build 2023 back in June, Microsoft announced a new form of storage volume for Windows 11: Dev Drive. In October 2023, support for Dev Drive was shipped as a Windows Update and now available to anyone using the latest version of Windows 11. [Environment]::SetEnvironmentVariable(“npm_config_cache”, “$DevDrive\Pack... Read more »

    Provide opt-in to experimental APIs using C#12 ExperimentalAttribute

    When writing libraries and frameworks that others are using, it’s sometimes hard to convey that a given API is still considered “experimental”. For example, you may want to iterate on how to work with part of the code base with the freedom to break things, while still allowing others to consume that code if they are... Read more »

    Discriminated Unions in C#

    Discriminated unions have been a long-standing request for C#. While F# users have had discriminated unions for years, C# developers will have to wait a bit longer. Read more »