{"id":5610,"date":"2025-06-06T15:39:06","date_gmt":"2025-06-06T11:39:06","guid":{"rendered":"https:\/\/jsnet.biz\/?p=5610"},"modified":"2025-07-07T17:00:13","modified_gmt":"2025-07-07T13:00:13","slug":"mod-securty-n%c9%99dir","status":"publish","type":"post","link":"https:\/\/jsnet.biz\/ru\/mod-securty-n%c9%99dir\/","title":{"rendered":"Mod Security n\u0259dir?"},"content":{"rendered":"
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

ModSecurity<\/strong> \u2014 veb serverl\u0259r \u00fc\u00e7\u00fcn a\u00e7\u0131q m\u0259nb\u0259 kodlu Web Application Firewall (WAF)<\/strong> sistemidir. Onun \u0259sas funksiyas\u0131 veb t\u0259tbiql\u0259ri z\u0259r\u0259rli trafikd\u0259n v\u0259 h\u00fccumlardan qorumaqd\u0131r. Bu sistem Apache<\/strong>, Nginx<\/strong> \u0432\u0259 IIS<\/strong> kimi m\u0259\u015fhur veb serverl\u0259rl\u0259 inteqrasiya oluna bilir.<\/p>

\ud83d\udd10 ModSecurity n\u0259 edir?<\/strong><\/h3>

ModSecurity real vaxtda HTTP trafiki analiz edir v\u0259 a\u015fa\u011f\u0131dak\u0131 hallar\u0131 a\u015fkar edib bloklaya bilir:<\/p>

  • \u2757 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f<\/strong><\/p><\/li>

  • \u2757 Cross Site Scripting (XSS)<\/strong><\/p><\/li>

  • \u2757 Local File Inclusion (LFI)<\/strong><\/p><\/li>

  • \u2757 Remote Code Execution (RCE)<\/strong><\/p><\/li>

  • \u2757 Brute Force H\u00fccumlar<\/strong><\/p><\/li>

  • \u2757 Bot v\u0259 DDoS h\u00fccumlar\u0131n\u0131n a\u015fkarlanmas\u0131<\/strong><\/p><\/li><\/ul>

    \u2699\ufe0f \u0130\u015f prinsipi:<\/strong><\/h3>

    ModSecurity HTTP sor\u011fular\u0131n\u0131 (GET, POST, HEADER v\u0259 s.) yoxlay\u0131r v\u0259 t\u0259hl\u00fck\u0259 yarada bil\u0259c\u0259k n\u00fcmun\u0259l\u0259ri<\/strong> \u00f6nc\u0259d\u0259n t\u0259yin edilmi\u015f qaydalar toplusu (ruleset)<\/strong> il\u0259 m\u00fcqayis\u0259 edir. \u018fg\u0259r uy\u011funsuzluq varsa:<\/p>

    • Blok edir,<\/p><\/li>

    • Log fayllar\u0131na yaz\u0131r,<\/p><\/li>

    • Administratoru x\u0259b\u0259rdar edir.<\/p><\/li><\/ul>

      \ud83d\udce6 \u018fn \u00e7ox istifad\u0259 olunan qayda paketl\u0259ri:<\/strong><\/h3>

      • OWASP Core Rule Set (CRS):<\/strong> Standart v\u0259 geni\u015f yay\u0131lm\u0131\u015f a\u00e7\u0131q m\u0259nb\u0259li qaydalar toplusudur.<\/p><\/li>

      • Comodo WAF rules:<\/strong> X\u00fcsusi qaydalar t\u0259qdim ed\u0259n kommersiya versiyas\u0131d\u0131r.<\/p><\/li><\/ul>

        \u2705 \u00dcst\u00fcnl\u00fckl\u0259ri:<\/strong><\/h3>

        • A\u00e7\u0131q m\u0259nb\u0259lidir v\u0259 pulsuzdur.<\/p><\/li>

        • \u00c7ox \u00e7evik qayda mexanizmi var.<\/p><\/li>

        • Apache, Nginx v\u0259 IIS il\u0259 i\u015fl\u0259yir.<\/p><\/li>

        • Real vaxtda trafik analizi imkan\u0131 yarad\u0131r.<\/p><\/li><\/ul>

          \u274c \u00c7at\u0131\u015fmazl\u0131qlar\u0131:<\/strong><\/h3>

          • Y\u00fcks\u0259k performans t\u0259l\u0259b ed\u0259n saytlar \u00fc\u00e7\u00fcn b\u0259z\u0259n l\u0259nglik yarada bil\u0259r.<\/p><\/li>

          • Yanl\u0131\u015f m\u00fcsb\u0259t (false positive) n\u0259tic\u0259l\u0259r ola bil\u0259r.<\/p><\/li>

          • Konfiqurasiya v\u0259 qaydalar\u0131n d\u00fczg\u00fcn t\u0259nziml\u0259nm\u0259si t\u0259cr\u00fcb\u0259 t\u0259l\u0259b edir.<\/p><\/li><\/ul>

            \ud83d\udccc N\u0259 \u00fc\u00e7\u00fcn istifad\u0259 olunur?<\/strong><\/h3>

            \u018fg\u0259r bir sayt\u0131n\u0131z varsa v\u0259 t\u0259hl\u00fck\u0259sizlik sizin \u00fc\u00e7\u00fcn vacibdirs\u0259, ModSecurity sistemini aktivl\u0259\u015fdir\u0259r\u0259k veb t\u0259tbiqinizi bir \u00e7ox z\u0259r\u0259rli h\u00fccumdan proaktiv \u015f\u0259kild\u0259 qorumaq<\/strong> m\u00fcmk\u00fcnd\u00fcr.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

            ModSecurity \u2014 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 (WAF). \u041e\u043d\u0443\u043d \u0259sas funksiyas\u0131 veb t\u0259tbiql\u0259ri z\u0259r\u0259rli trafikd\u0259n v\u0259 h\u00fccumlardan qorumaqd\u0131r. \u0412 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Apache, Nginx \u0438 IIS \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438. \ud83d\udd10 ModSecurity \u043d\u0435\u0442? ModSecurity \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 HTTP-\u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438: \u2757 [\u2026]<\/p>","protected":false},"author":1,"featured_media":5611,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-5610","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-computing"],"_links":{"self":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts\/5610","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/comments?post=5610"}],"version-history":[{"count":0,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts\/5610\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/media\/5611"}],"wp:attachment":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/media?parent=5610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/categories?post=5610"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/tags?post=5610"}],"curies":[{"name":"WP","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}