Software introduction:
Safe3waf is the first in ChinaFreeLinux lightweight Web Reverse Proxy Security Gateway, using a architecture similar to nginx with less memory and high concurrency. As the front end of the web server, no
However, it can defend against various hacker attacks, Cache Server-related requests to speed up Web servers, and provide website Cluster load balancing and other functions.
Currently, users of the safe3waf website in mainland China include Sohu and the National University of Defense Technology.
Functions:
1. Intercept get SQL Injection
2. Intercept post SQL Injection
3. Intercept cookie SQL Injection
4. XSS cross-site attack Interception
5. Web overflow attack Interception
6. Intercept website information leakage attacks
7. intercept illegal HTTP Request Method attacks
8. Web Server Load balancer Function
9. Web page compression to save bandwidth
10. Web Acceleration
: Http://www.safe3.com.cn/safe3waf-3.1.zip (after decompression package containing instructions 、safe3waf-3.1.tar.gz)
1. installation steps:
(System requirements: Linux 2.6 + kernel. In this article, the Linux operating system is centos 5.5)
Tar zxvf safe3waf-3.1.tar.gz
CD safe3waf-3.1
Make install // install it in the/usr/local/safe3waf/directory by default. You can modify the installation path in makefile by yourself.
2. modify the configuration file
VI/usr/local/safe3waf/etc/safe3waf. confwebserver 192.168.2.171 80 is changed to the address of the website to be protected. You can add multiple sections for load balancing.
3. Start safe3waf
Ulimit-shn 65535/usr/local/safe3waf/bin/safe3waf. Sh start
4. Configure auto-start upon startup
Add the following content at the end of VI/etc/rc. Local: Reference ulimit-shn 65535/usr/local/safe3waf/bin/safe3waf. Sh start
5. Optimize Linux Kernel Parameters
/Usr/local/safe3waf/bin/optimiz_kernel.sh
Now you can use the security protection of safe3waf for free.
By default, hacker attack logs are recorded in/usr/local/safe3waf/log/attack. log.
You can view the interception log:
1. Web Request Method
2. Attack IP Address
3. hacker attack content