Anthony Vaccaro

Thumbnail for post.

Anthony has worked in IT for a decade, first at the University of Queensland and AusCERT before joining APNIC in 2019. He has experience working with variousUNIX-based server operating systems, although his expertise lies with Linux, and he enjoys understanding the internals of operating systems and finding the cause of bottlenecks, performance issues and other problems.

Anthony has had a background in security from an early age, being interested in hacking since he was a teenager. These days, he works as a defender and blue-teamer, but he has experience with web application pen testing and network-based attacks as well.

Defend Your Web Apps for Free with ModSecurity

Thumbnail for post.

Overview

Course Overview

Everyone uses web apps these days. They’re so easy to access, you can use them on your phone! But their openness and accessibility also means they’re constantly being probed for vulnerabilities by web scanners. In order to avoid being the next company to go through an expensive data breach, you need a WAF!

This course will go through the process of protecting a generic web application using the free, open source WAF called mod_security. We’ll demonstrate how to run mod_security on a Linux host running the Apache web server and give an outline of the types of common attacks that are prevented with just an hour or two of work.

Course Outline

This course will cover the following topics:

  • Intro – Web applications & WAFs
  • mod_security – introduction & features
  • Demonstration of mod_security on a Linux server
  • Advanced usage & customisation

Course Materials

Slides: Defend Your Web Apps for Free with ModSecurityDownload

Anthony Rusdi

Thumbnail for post.

Anthony is a DevOps Engineer at an Indonesian e-commerce company, mostly dealing with Kubernetes infrastructure and deployment stacks.

His area of interests are Linux, Open Source, and Automation.

Anthony shares his knowledge as a volunteer community trainer.

Dibya Khatiwada

Thumbnail for post.

Dibya works as a peering coordinator at Packet Clearing House (PCH), responsible for interconnection of PCH’s DNS Anycast network with networks around the world meeting at different Internet eXchange Points.

With over 10 years of experience in the field, Dibya has been an active contributor at local and regional events like npNOG, SANOG, APRICOT on a variety of topics such as Network Monitoring and Management, BGP routing and Internet of Things.

Dibya shares his knowledge as a retained community trainer for APNIC.