{"id":22665302,"url":"https://github.com/volkansah/modsecurity-rule-to-block-sql-injection-attacks-in-php","last_synced_at":"2025-04-11T18:07:38.861Z","repository":{"id":189922503,"uuid":"606569069","full_name":"VolkanSah/ModSecurity-rule-to-block-SQL-injection-attacks-in-PHP","owner":"VolkanSah","description":"Example:  ModSecurity rule to block SQL injection attacks in PHP","archived":false,"fork":false,"pushed_at":"2024-10-20T10:21:39.000Z","size":18,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-11T18:04:15.512Z","etag":null,"topics":["php","security","waf"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/VolkanSah.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["volkansah"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"lfx_crowdfunding":null,"custom":null}},"created_at":"2023-02-25T22:00:53.000Z","updated_at":"2024-11-26T10:13:50.000Z","dependencies_parsed_at":"2023-08-22T12:27:55.091Z","dependency_job_id":"340b32c6-0660-4b82-b7fa-b5ce7e89c4b2","html_url":"https://github.com/VolkanSah/ModSecurity-rule-to-block-SQL-injection-attacks-in-PHP","commit_stats":null,"previous_names":["volkansah/modsecurity-rule-to-block-sql-injection-attacks-in-php"],"tags_count":0,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VolkanSah%2FModSecurity-rule-to-block-SQL-injection-attacks-in-PHP","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VolkanSah%2FModSecurity-rule-to-block-SQL-injection-attacks-in-PHP/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VolkanSah%2FModSecurity-rule-to-block-SQL-injection-attacks-in-PHP/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VolkanSah%2FModSecurity-rule-to-block-SQL-injection-attacks-in-PHP/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/VolkanSah","download_url":"https://codeload.github.com/VolkanSah/ModSecurity-rule-to-block-SQL-injection-attacks-in-PHP/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248456374,"owners_count":21106602,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["php","security","waf"],"created_at":"2024-12-09T13:30:01.591Z","updated_at":"2025-04-11T18:07:38.831Z","avatar_url":"https://github.com/VolkanSah.png","language":null,"funding_links":["https://github.com/sponsors/volkansah"],"categories":[],"sub_categories":[],"readme":"\n# ModSecurity Rule to Block SQL Injection Attacks in PHP\n###### Updated 2024\n\nTipps: [ModSecurity Webserver Protection Guide](https://github.com/VolkanSah/ModSecurity-Webserver-Protection-Guide/)\n\nModSecurity is an open-source web application firewall (WAF) that can protect your PHP applications from a variety of attacks, including SQL injection, cross-site scripting (XSS), and other common web exploits.\n\n## Installation and Configuration of ModSecurity\nModSecurity is available as a module for popular web servers like Apache and Nginx. \n\n### Steps to Install ModSecurity\n1. **For Apache:**\n   ```bash\n   sudo apt-get install libapache2-mod-security2\n   ```\n   After installation, enable ModSecurity:\n   ```bash\n   sudo a2enmod security2\n   ```\n\n2. **For Nginx:**\n   First, install the necessary software:\n   ```bash\n   sudo apt-get install nginx modsecurity\n   ```\n   Then, activate the ModSecurity module in Nginx by adding the following to your server configuration:\n   ```nginx\n   modsecurity on;\n   modsecurity_rules_file /etc/nginx/modsec/modsecurity.conf;\n   ```\n\n## Configuring ModSecurity\nConfigure your web server to load the ModSecurity rules and enable it for the relevant virtual host or directory.\n\n### Basic Configuration Example\nFor Apache, add the following to your site's configuration:\n```apache\n\u003cIfModule mod_security2.c\u003e\n    Include /etc/modsecurity/*.conf\n    Include /etc/modsecurity/rules/*.conf\n\u003c/IfModule\u003e\n```\nFor Nginx, you might add:\n```nginx\nserver {\n    location / {\n        modsecurity on;\n        modsecurity_rules_file /etc/nginx/modsecurity.d/*.conf;\n    }\n}\n```\n\n## Writing ModSecurity Rules\nYou will need to write ModSecurity rules to protect your PHP files from common web attacks. Here’s an example ModSecurity rule to block SQL injection attacks in PHP:\n\n```php\nSecRule REQUEST_FILENAME \"\\.php$\" \\\n    \"id:1,\\\n     phase:2,\\\n     block,\\\n     t:none,\\\n     msg:'SQL injection attempt',\\\n     chain\"\n\nSecRule ARGS \"(select|union|from|where|having|order by|group by)\" \\\n    \"t:none,\\\n     t:urlDecodeUni,\\\n     t:htmlEntityDecode,\\\n     t:compressWhiteSpace,\\\n     deny,\\\n     status:403,\\\n     log,\\\n     msg:'SQL injection attempt'\"\n```\n\n## Testing Your ModSecurity Rules\nIt's crucial to test your rules in a controlled environment to ensure they do not block legitimate requests or cause unexpected behavior.\n\n### Tools for Testing\n- ModSecurity’s built-in logging and debugging features.\n- Online web application scanners.\n- Third-party testing tools.\n\nRemember, while ModSecurity can significantly enhance your application's security, it is not foolproof. Always use secure coding practices and input validation alongside ModSecurity to protect your PHP applications fully.\n\n## Credits\n[Volkan Sah](https://github.com/volkansah)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvolkansah%2Fmodsecurity-rule-to-block-sql-injection-attacks-in-php","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvolkansah%2Fmodsecurity-rule-to-block-sql-injection-attacks-in-php","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvolkansah%2Fmodsecurity-rule-to-block-sql-injection-attacks-in-php/lists"}