Building a web-based application monitoring and managing Modsecurity

Abstract

Nowadays, Web applications are almost omnipresent. The Web has become a platform for information transfer and eCommerce systems, mobile services, social networks, and distributed learning environments. Engineering Web applications involve many inherent challenges due to their distributed nature, content orientation, and the requirement to make them available to a broad spectrum of unknown users in advance. Because of its import role, web applications have become an engaging target for attackers. In recent years, the number of web application attacks has quickly increased. According to The Verizon 2020 data breach Investigation Report (DBIR), 43% of breaches could have originated from web application attacks – more than double the results from last year. To protect web application, many major web application security best practices have been applied, such as web application firewall secure programming approach and. One of popular web application firewall is Modsecurity which is a web application a module for the Apache HTTP server with tools such as existing SAMPP (Apache , Modsecurity) , Logstash , Filebeat , Elasticsearch , Kibana and other databases are used. Modsecurity does not support a graphical interface. Therefore, this project will examine Modsecurity and develop a web-based application for supporting Modsecurity.