{"id":2050,"date":"2019-09-06T22:02:02","date_gmt":"2019-09-06T15:02:02","guid":{"rendered":"https:\/\/tino.vn\/?post_type=ht_kb&#038;p=2050"},"modified":"2020-03-05T14:15:47","modified_gmt":"2020-03-05T07:15:47","slug":"goi-quy-tac-modsecurity-cho-cyberpanel","status":"publish","type":"ht_kb","link":"https:\/\/tino.vn\/blog\/docs\/goi-quy-tac-modsecurity-cho-cyberpanel\/","title":{"rendered":"G\u00f3i quy t\u1eafc MODSECURITY cho CyberPanel"},"content":{"rendered":"<p><iframe loading=\"lazy\" src=\"\/\/www.youtube.com\/embed\/4yhAQ0bAQuQ\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>CyberPanel h\u1ed7 tr\u1ee3 k\u00edch ho\u1ea1t c\u00e1c g\u00f3i rule Mod_security\u00a0 c\u1ee7a OWASP v\u00e0 COMODO, \u0111\u00e2y l\u00e0 2 t\u1ed5 ch\u1ee9c chuy\u00ean ph\u00e1t tri\u1ec3n c\u00e1c rule Mod_Security hi\u1ec7n t\u1ea1i.<\/p>\n<p>CH\u1ee8C N\u0102NG ModSecurity<br \/>\nModSecurity ho\u1ea1t \u0111\u1ed9ng v\u1edbi ch\u01b0\u01a1ng tr\u00ecnh web server (v\u00ed d\u1ee5: Apache, ho\u1eb7c nh\u01b0 trong CyberPanel l\u00e0 openlitespeed) s\u1ebd th\u1ef1c hi\u1ec7n c\u00e1c t\u00e1c v\u1ee5 nh\u01b0 sau:<\/p>\n<p>Parsing<br \/>\nModSecurity s\u1ebd ph\u00e2n t\u00e1ch c\u00e1c d\u1eef li\u1ec7u lu\u00e2n chuy\u1ec3n qua h\u1ec7 th\u1ed1ng th\u00e0nh c\u1ea5u tr\u00fac d\u1eef li\u1ec7u m\u00e0 ModSecurity \u0111\u1ecbnh ngh\u0129a s\u1eb5n. C\u1ea5u tr\u00fac n\u00e0y s\u1ebd \u0111\u01b0\u1ee3c chuy\u1ec3n qua c\u01a1 ch\u1ebf so tr\u00f9ng m\u1eabu trong t\u1eadp rule \u0111\u1ec3 ph\u00e2n t\u00edch nguy c\u01a1.<\/p>\n<p>Buffering<br \/>\nCh\u1ee9c n\u0103ng buffer (\u0111\u1ec7m) \u0111\u00f3ng vai tr\u00f2 kh\u00e1 quan tr\u1ecdng trong c\u01a1 ch\u1ebf ho\u1ea1t \u0111\u1ed9ng c\u1ee7a ModSec. Vi\u1ec7c n\u00e0y c\u00f3 \u00fd ngh\u0129a khi c\u00e1c request g\u1edfi \u0111\u1ebfn \u1ee9ng d\u1ee5ng web th\u00ec ph\u1ea3i th\u00f4ng qua ModSecurity tr\u01b0\u1edbc khi \u0111\u1ebfn \u1ee9ng d\u1ee5ng x\u1eed l\u00fd v\u00e0 nh\u1eefng response c\u0169ng s\u1ebd \u0111\u01b0\u1ee3c ph\u00e2n t\u00edch tr\u01b0\u1edbc khi tr\u1ea3 v\u1ec1 ph\u00eda client. C\u01a1 ch\u1ebf n\u00e0y l\u00e0 c\u00e1ch duy nh\u1ea5t \u0111\u1ec3 c\u00f3 th\u1ec3 ng\u0103n ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng th\u1eddi gian th\u1ef1c, c\u00e1c d\u1eef li\u1ec7u m\u00e0 ModSecurity nh\u1eadn \u0111\u01b0\u1ee3c v\u00e0 ph\u00e2n t\u00edch s\u1ebd \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef trong RAM (bao g\u1ed3m request body v\u00e0 response data)<\/p>\n<p>Logging<br \/>\nModSecurity h\u1ed7 tr\u1ee3 ghi nh\u1eadt k\u00fd c\u00e1c g\u00f3i tin HTTP: request headers, request body, response header, response body nh\u1eb1m h\u1ed7 tr\u1ee3 ng\u01b0\u1eddi qu\u1ea3n tr\u1ecb ph\u00e2n t\u00edch nguy c\u01a1 m\u00e0 h\u1ec7 th\u1ed1ng \u0111ang g\u1eb7p ph\u1ea3i \u0111\u1ec3 c\u00f3 th\u1ec3 ra quy\u1ebft \u0111\u1ecbnh ki\u1ec3m so\u00e1t.<\/p>\n<p>Rule Engine<br \/>\nC\u00e1c t\u1eadp m\u1eabu trong ModSecurity \u0111\u00f3ng vai tr\u00f2 quan tr\u1ecdng trong vi\u1ec7c ph\u00e1t hi\u1ec7n c\u00e1c d\u1ea1ng t\u1ea5n c\u00f4ng v\u00e0 th\u1ef1c hi\u1ec7n ph\u00f2ng ch\u1ed1ng. ModSecurity c\u00f9ng ph\u00e1t tri\u1ec3n v\u1edbi d\u1ef1 \u00e1n OWASP ph\u00e1t tri\u1ec3n c\u00e1c m\u1eabu \u0111\u1ec3 ph\u00e2n t\u00edch v\u00e0 ph\u00f2ng ch\u1ed1ng c\u00e1c t\u1ea5n c\u00f4ng h\u1ec7 th\u1ed1ng web (Tham kh\u1ea3o https:\/\/www.owasp.org\/index.php\/Category:OWASP_ModSecurity_Core_Rule_Set_Project)<\/p>\n<p>COMODO ModSecurity l\u00e0 b\u1ed9 quy t\u1eafc mi\u1ec5n ph\u00ed \u0111\u01b0\u1ee3c c\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean b\u1edfi \u0111\u1ed9i ng\u0169 chuy\u00ean gia b\u1ea3o m\u1eadt c\u1ee7a COMODO. T\u01b0\u1eddng l\u1eeda \u1ee9ng d\u1ee5ng web (WAF) cung c\u1ea5p c\u00e1c quy t\u1eafc ModSecurity c\u00f3 c\u00e1c t\u00ednh n\u0103ng c\u01a1 b\u1ea3n nh\u01b0 b\u1ea3o v\u1ec7 x\u00e2m nh\u1eadp v\u00e0 filter n\u00e2ng cao.<\/p>\n<p>ModSecurity l\u00e0 m\u1ed9t s\u1ea3n ph\u1ea9m thu\u1ed9c d\u1ef1 \u00e1n OWASP, cho ph\u00e9p ng\u01b0\u1eddi d\u00f9ng c\u1ea5u h\u00ecnh, t\u00f9y ch\u1ec9nh c\u00e1c ph\u01b0\u01a1ng th\u1ee9c ph\u00e1t hi\u1ec7n t\u1ea5n c\u00f4ng v\u00e0o web server. Phi\u00ean b\u1ea3n ModSecurity hi\u1ec7n t\u1ea1i \u0111\u00e3 h\u1ed7 tr\u1ee3 Apache, Nginx v\u00e0 IIS. C\u00f9ng v\u1edbi d\u1ef1 \u00e1n ModSecurity Core Rule Set th\u00ec vi\u1ec7c tri\u1ec3n khai h\u1ec7 th\u1ed1ng WAF c\u00e0ng d\u1ec5 d\u00e0ng h\u01a1n cho nh\u00e2n vi\u00ean h\u1ec7 th\u1ed1ng c\u0169ng nh\u01b0 c\u00e1c chuy\u00ean vi\u00ean b\u1ea3o m\u1eadt.<\/p>\n<p>B\u1ea1n c\u00f3 th\u1ec3 l\u1ef1a ch\u1ecdn 1 trong 2 g\u00f3i rule thu\u1ed9c 2\u00a0 t\u1ed5 ch\u1ee9c tr\u00ean \u0111\u1ec3 b\u1ea3o v\u1ec7 website,\u00a0 \u0111\u1ec3 b\u1eadt tr\u00ean CyberPanel:<\/p>\n<p>Truy c\u1eadp CyberPanel &gt;&gt; M\u00e1y ch\u1ee7 &gt;&gt; B\u1ea3o m\u1eadt &gt;&gt; G\u00f3i ModSecurity Rule<\/p>\n<p><a href=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-21.59.00.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-2051\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-21.59.00.png\" alt=\"\" width=\"250\" height=\"587\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-21.59.00.png 250w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-21.59.00-128x300.png 128w\" sizes=\"(max-width: 250px) 100vw, 250px\" \/><\/a><\/p>\n<p>T\u1ea1i\u00a0 c\u1eeda s\u1ed5 k\u00edch ho\u1ea1t, b\u1ea1n ch\u1ecdn 1 trong 2 g\u00f3i Rule mod_security \u0111\u1ec3 ho\u1ea1t \u0111\u1ed9ng<\/p>\n<p><a href=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-2052\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13.png\" alt=\"\" width=\"1224\" height=\"681\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13.png 1224w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13-300x167.png 300w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13-1024x570.png 1024w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.13-768x427.png 768w\" sizes=\"(max-width: 1224px) 100vw, 1224px\" \/><\/a><\/p>\n<p>B\u1ea1n c\u0169ng c\u00f3 th\u1ec3 t\u1eaft m\u1ed9t s\u1ed1 rule kh\u00f4ng mong mu\u1ed1n b\u1eb1ng c\u00e1ch v\u00e0o c\u1ea5u h\u00ecnh v\u00e0 b\u1eadt t\u1eaft c\u00e1c file rule mod_security<\/p>\n<p><a href=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-2053\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33.png\" alt=\"\" width=\"1224\" height=\"989\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33.png 1224w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33-300x242.png 300w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33-1024x827.png 1024w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2019\/09\/Screen-Shot-2019-09-06-at-22.00.33-768x621.png 768w\" sizes=\"(max-width: 1224px) 100vw, 1224px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CyberPanel h\u1ed7 tr\u1ee3 k\u00edch ho\u1ea1t c\u00e1c g\u00f3i rule Mod_security\u00a0 c\u1ee7a OWASP v\u00e0 COMODO, \u0111\u00e2y l\u00e0 2 t\u1ed5 ch\u1ee9c chuy\u00ean ph\u00e1t tri\u1ec3n c\u00e1c rule Mod_Security hi\u1ec7n t\u1ea1i. CH\u1ee8C N\u0102NG ModSecurity ModSecurity ho\u1ea1t \u0111\u1ed9ng v\u1edbi ch\u01b0\u01a1ng tr\u00ecnh web server (v\u00ed d\u1ee5: Apache, ho\u1eb7c nh\u01b0 trong CyberPanel l\u00e0 openlitespeed) s\u1ebd th\u1ef1c hi\u1ec7n c\u00e1c t\u00e1c v\u1ee5 nh\u01b0 sau: Parsing [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":2051,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"tags":[],"ht_kb_category":[1074],"class_list":["post-2050","ht_kb","type-ht_kb","status-publish","format-standard","has-post-thumbnail","hentry","ht_kb_category-cyber-panel"],"_links":{"self":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb\/2050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb"}],"about":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/comments?post=2050"}],"version-history":[{"count":0,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb\/2050\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media\/2051"}],"wp:attachment":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media?parent=2050"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/tags?post=2050"},{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/ht_kb_category?post=2050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}