Anthony Vaccaro

Thumbnail for post.

Anthony has worked in IT for a decade, first at the University of Queensland and AusCERT before joining APNIC in 2019. He has experience working with variousUNIX-based server operating systems, although his expertise lies with Linux, and he enjoys understanding the internals of operating systems and finding the cause of bottlenecks, performance issues and other problems.

Anthony has had a background in security from an early age, being interested in hacking since he was a teenager. These days, he works as a defender and blue-teamer, but he has experience with web application pen testing and network-based attacks as well.

Defend your Web Apps for free with mod Security

Thumbnail for post.

Overview

Everyone uses web apps these days. They’re so easy to access, you can use them on your phone! But their openness and accessibility also means they’re constantly being probed for vulnerabilities by web scanners. In order to avoid being the next company to go through an expensive data breach, you need a WAF!

This talk will go through the process of protecting a generic web application using the free, open source WAF called mod_security. We’ll demonstrate how to run mod_security on a Linux host running the Apache web server and give an outline of the types of common attacks that are prevented with just an hour or two of work.

Course Outline

This webinar will cover the following topics:

  • Intro – Web applications & WAFs
  • mod_security – introduction & features
  • Demonstration of mod_security on a Linux server
  • Advanced usage & customisation
  • Q&A