From YouTube: Web Application Firewall (ModSecurity)
Description
Documentation: https://docs.gitlab.com/ee/topics/web_application_firewall/
This video demonstrates how to install the Web Application Firewall in logging and blocking modes.
Previous video in the series: https://youtu.be/IN-XGE1X8Mo
OWASP Core Rule Set:
- https://coreruleset.org/
- https://github.com/coreruleset/coreruleset/
A
Once we have a Kubernetes cluster with Helm available, we can finally install the Web Application Firewall, or WAF for short. You can select whether you want to enable or disable the WAF after installation, and if you choose to enable it, you can also select between logging mode and blocking mode. I'm going to leave it enabled in logging mode and I'm gonna click install. Behind the scenes, Helm is installing ModSecurity and deploying the OWASP Core Rule Set. You can find a link to the rules in the video description.
A
We can see that we've received a couple events from ModSecurity. These particular requests were not blocked, since the WAF is operating in logging mode only. Now I'm going to change the WAF mode from logging to blocking. Once the change is complete, we can go to the console and test a few requests. First, I'm gonna start the logging again. Second, I'm gonna make a harmless request.