1. 运行库
Microsoft Visual C++ 2015 Redistributable Package
https://www.microsoft.com/en-us/download/details.aspx?id=53840
http://www.downxia.com/downinfo/29834.html
Mod Security IIS 版
http://www.modsecurity.org/download.html
https://www.modsecurity.org/tarball/2.9.1/ModSecurityIIS_2.9.1-64b.msi
2. 设置
2.1) applilcationHost.config
C:\Windows\System32\inetsrv\config\applicationHost.config
<section name="ModSecurity" overrideModeDefault="Allow" allowDefinition="Everywhere" /></sectionGroup>
2.2) modsecurity.conf
C:\inetpub\wwwroot\owasp_crs\modsecurity.conf
SecRuleEngine On
2.3) web.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<ModSecurity enabled="true" configFile="C:\Program Files\ModSecurity IIS\modsecurity_iis.conf" />
</system.webServer>
</configuration>
没有评论:
发表评论