Talk With an Expert

Web Log Analysis and Defense with Mod_Rewrite

Web Log Analysis and Defense with Mod_Rewrite (PDF, 2.47MB)Published: 12 Mar, 2013
Created by
Rick Wanner

The production web server, which by necessity must face the Internet, creates a unique problem when it comes to creating a defense plan. Anybody who has every attempted to perform log analysis on the volume of logs created by a production web server understands that web server log analysis can be a daunting task. By concentrating the analysis on the error logs generated by the web server it is possible to reduce the logs to a manageable volume and get a good view into the types of attacks the web server is experiencing. Armed with this analysis and a basic knowledge of regular expressions and the mod_rewrite module built into the Apache web server, it is relatively easy to implement blocking rules for mod_rewrite and reduce the effectiveness of potential attacks against the web server.