c++

Powered by Drupal

Whitelisting tools for Apache ModSecurity

Submitted by Sam Hobbs on

auditlog2db-manual.png I have written a CLI utility for Ubuntu to import ModSecurity's audit log file into an sqlite database, which should be a great help to people building whitelists to reduce false positives. This supersedes my previous efforts with BASH scripts. Packages are available for Ubuntu Trusty and Utopic (14.04 & 14.10) in my Personal Package Archive on Launchpad. To create my app I had to learn about:

  • C++ development on Ubuntu including two third party libraries (Boost Regex and SQLite)
  • Version control using Git
  • The GNU build system "Autotools"
  • How to build .deb packages for Ubuntu and Debian
  • How to upload packages to a Personal Package Archive (PPA) on Launchpad

I plan on writing detailed tutorials for most of this, but there's quite a lot to get through so it could take a while!