Google Analytic

Perpustakaan Digital UiTM

Infografik 3 komponen utama Model perpustakaan digital UiTM.

Repositori UiTM

The repository is a platform that contains sources of reference materials for learning and research purposes. The UiTM Library provides three repositories that provide a collection of digital materials through the repository of university institutions, Open Access and Local Content Hub.

My Knowledge Management

MyKM Portal provide the complete information search, categorization and personalization services that allow UiTM Library users to harness the collected enterprise knowledge assets from a single, logical point of access.

UiTM Institutional Repository

UiTM IR is a centre of digital collections, act as an open-access repository that collects, preserve and disseminates scholarly output by university members at Universiti Teknologi MARA.

UiTM LIBRARY MOBILE APP

With the mobile app, you can access information wherever you are and whenever you want to get the latest information on our library, access e-resources and many more.

UiTM DIGITAL SERVICES

22 UiTM Digital Services

Showing posts with label Apache. Show all posts
Showing posts with label Apache. Show all posts

Friday, June 17, 2011

PANDUAN PEMASANGAN &KONFIGURASI MOD_SECURITY BAGI APACHE

Apache_logo

Kepada pengguna server web Apache boleh kemaskinikan Mod_Security

Mod_Security adalah merupakan open source firewall bagi aplikasi web yang digunakan bersama-sama dengan server web Apache bagi menangani serangan DDoS HTTP. Mod_Security boleh digunakan pada server web Apache 1.3.x dan 2.0.x

PEMASANGAN MOD_SECURITY PADA WINDOWS APACHE 2

1. Muat turun versi terkini mod_security untuk Ms Windows di URL http://www.apachelounge.com/download/mods/mod_security-2.6.0-win32.zip

2. Cipta folder ‘/modules/mod_security2’ pada Apache dan salin fail-fail‘pcre.dll’, ‘libxml2.dll’ dan ‘mod_security2.so’ ke folder tersebut.

3. Muat turun fail ‘http://www.modsecurity.org/download/modsecurity-core-rules_2.5-1.6.1.tar.gz’ dan ekstrak fail berkenaan ke folder ‘/conf/modsecurity’ pada Apache.

4. Memasang aplikasi ‘Visual C++ 2008 Redistributable Package’.

 

KONFIGURASI MOD_SECURITY

5. Edit fail ‘httpd.conf’ bagi memasang modul Mod_Security pada Apache

# Memasang Mod_Security

LoadModule security2_module modules/mod_security2/mod_security2.so

LoadModule unique_id_module modules/mod_unique_id.so

<IfModule mod_security.c>

# Basic configuration options

SecRuleEngine On

SecRequestBodyAccess On

SecResponseBodyAccess Off

SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace

SecAuditEngine RelevantOnly

SecAuditLogType Serial

SecAuditLog logs/mod_security2.log

# Handling of file uploads

# SecUploadDir /opt/apache-frontend/tmp/

SecUploadKeepFiles Off

# Debug log

SecDebugLog logs/modsec_debug.log

SecDebugLogLevel 0

# Maximum request body size we will

# accept for buffering

SecRequestBodyLimit 131072

# Store up to 128 KB in memory

SecRequestBodyInMemoryLimit 131072

# Buffer response bodies of up to

# 512 KB in length

SecResponseBodyLimit 524288

## General rules

SecRule ARGS "c:/" t:normalisePathWin

SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"

SecRule ARGS "d:/" t:normalisePathWin

</IfModule>

Include conf/modsecurity/*.conf

 

MENGAKTIFKAN MOD_SECURITY

6. Restart Apache untuk mengaktifkan Mod_Security