SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThe production web server, which by necessity must face the Internet, creates a unique problem when it comes to creating a defense plan. Anybody who has every attempted to perform log analysis on the volume of logs created by a production web server understands that web server log analysis can be a daunting task. By concentrating the analysis on the error logs generated by the web server it is possible to reduce the logs to a manageable volume and get a good view into the types of attacks the web server is experiencing. Armed with this analysis and a basic knowledge of regular expressions and the mod_rewrite module built into the Apache web server, it is relatively easy to implement blocking rules for mod_rewrite and reduce the effectiveness of potential attacks against the web server.