{"title":"Exploring and Improving the Usability of ModSecurity Web Application Firewall","authors":"Murat Alagoz, Mevlut Serkan Tok, K. Bicakci","doi":"10.1109/ISCTURKEY53027.2021.9654294","DOIUrl":null,"url":null,"abstract":"ModSecurity is an open-source web application firewall. The correct configuration is key to its effective operation but could be tricky since usability flaws could lead to errors and misconfiguration, threatening the security and availability. In this study, we first conduct the usability inspection of ModSecurity through a hybrid approach consisting of heuristic evaluation and cognitive walkthrough. We find out that ModSecurity has no feedback for semantic errors or successful rule implementation during the rule entry process, and the webserver goes down if there is a syntax error in any implemented rule. We propose a rule checking and feedback mechanism to mitigate these drawbacks. Then, we perform a between-subjects user study to evaluate the effectiveness and usability of our proposed method. The results indicate that unsuccessful rule entry rate and syntax error-related web server downtime significantly reduced with the rule checking and feedback mechanism introduced to ModSecurity. Thereby, we improve ModSecurity’s effectiveness as well as the level of security and availability of ModSecurity-protected web servers.","PeriodicalId":383915,"journal":{"name":"2021 International Conference on Information Security and Cryptology (ISCTURKEY)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Information Security and Cryptology (ISCTURKEY)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCTURKEY53027.2021.9654294","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
ModSecurity is an open-source web application firewall. The correct configuration is key to its effective operation but could be tricky since usability flaws could lead to errors and misconfiguration, threatening the security and availability. In this study, we first conduct the usability inspection of ModSecurity through a hybrid approach consisting of heuristic evaluation and cognitive walkthrough. We find out that ModSecurity has no feedback for semantic errors or successful rule implementation during the rule entry process, and the webserver goes down if there is a syntax error in any implemented rule. We propose a rule checking and feedback mechanism to mitigate these drawbacks. Then, we perform a between-subjects user study to evaluate the effectiveness and usability of our proposed method. The results indicate that unsuccessful rule entry rate and syntax error-related web server downtime significantly reduced with the rule checking and feedback mechanism introduced to ModSecurity. Thereby, we improve ModSecurity’s effectiveness as well as the level of security and availability of ModSecurity-protected web servers.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
