{"id":3186,"date":"2026-04-28T07:50:14","date_gmt":"2026-04-28T07:50:14","guid":{"rendered":"https:\/\/maram.iq\/blogs\/?p=3186"},"modified":"2026-04-28T12:49:30","modified_gmt":"2026-04-28T09:49:30","slug":"%d8%b4%d8%b1%d8%ad-modsecurity-2026-%d8%aa%d8%ad%d9%85%d9%8a-%d9%85%d9%88%d9%82%d8%b9%d9%83-sql","status":"publish","type":"post","link":"https:\/\/maram.iq\/blogs\/%d8%b4%d8%b1%d8%ad-modsecurity-2026-%d8%aa%d8%ad%d9%85%d9%8a-%d9%85%d9%88%d9%82%d8%b9%d9%83-sql\/","title":{"rendered":"\u0634\u0631\u062d ModSecurity 2026: \u0643\u064a\u0641 \u062a\u062d\u0645\u064a \u0645\u0648\u0642\u0639\u0643 \u0645\u0646 SQL Injection \u0648 XSS"},"content":{"rendered":"\n<div style=\"background:linear-gradient(135deg,#0f172a,#7c2d12);color:#fff;padding:2.5rem;border-radius:16px;margin-bottom:2rem;text-align:center\">\n<p style=\"font-size:3rem;margin:0 0 .5rem\"><\/p>\n<h2 style=\"color:#fff!important;font-size:1.5rem;margin:0 0 .5rem\" id=\"section-1\">\u0634\u0631\u062d ModSecurity 2026: \u0627\u0644\u062c\u062f\u0627\u0631 \u0627\u0644\u0646\u0627\u0631\u064a \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628<\/h2>\n<p style=\"margin:0\">\u062f\u0644\u064a\u0644 \u0639\u0645\u0644\u064a \u0634\u0627\u0645\u0644 \u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0642\u0639\u0643 \u0645\u0646 SQL Injection \u0648 XSS \u0648\u0623\u062e\u0637\u0631 \u0647\u062c\u0645\u0627\u062a OWASP Top 10<\/p>\n<\/div>\n\n\n\n<p>\u0634\u0631\u062d ModSecurity \u0623\u0635\u0628\u062d \u0645\u0646 \u0623\u0647\u0645 \u0627\u0644\u0645\u0648\u0627\u0636\u064a\u0639 \u0627\u0644\u062a\u064a \u064a\u062c\u0628 \u0639\u0644\u0649 \u0643\u0644 \u0645\u062f\u064a\u0631 \u0633\u064a\u0631\u0641\u0631 \u0623\u0648 \u0645\u0627\u0644\u0643 \u0645\u0648\u0642\u0639 \u0641\u0647\u0645\u0647\u0627 \u0641\u064a \u0639\u0627\u0645 2026\u060c \u0641\u0645\u0639 \u062a\u0635\u0627\u0639\u062f \u0627\u0644\u0647\u062c\u0645\u0627\u062a 
\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0629 \u0628\u0634\u0643\u0644 \u063a\u064a\u0631 \u0645\u0633\u0628\u0648\u0642 \u0648\u062a\u0637\u0648\u0631 \u062a\u0642\u0646\u064a\u0627\u062a \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628\u060c \u0644\u0645 \u064a\u0639\u062f \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u0639\u0644\u0649 \u062c\u062f\u0627\u0631 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u062a\u0642\u0644\u064a\u062f\u064a \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0634\u0628\u0643\u0629 \u0643\u0627\u0641\u064a\u0627\u064b \u0644<a href=\"https:\/\/maram.iq\/blogs\/%d8%b4%d9%87%d8%a7%d8%af%d8%a9-ssl-%d8%a7%d9%84%d8%af%d9%84%d9%8a%d9%84-%d8%a7%d9%84%d8%b4%d8%a7%d9%85%d9%84-%d9%84%d8%aa%d8%a3%d9%85%d9%8a%d9%86-%d9%85%d9%88%d9%82%d8%b9%d9%83\/\">\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u0645\u0648\u0627\u0642\u0639<\/a>. 
\u0647\u0646\u0627 \u064a\u0623\u062a\u064a \u062f\u0648\u0631 \u0634\u0631\u062d ModSecurity \u0643\u062d\u0644 \u0645\u062a\u0643\u0627\u0645\u0644 \u0648\u0641\u0639\u0651\u0627\u0644 \u064a\u0639\u0645\u0644 \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0646\u0641\u0633\u0647\u060c \u0648\u064a\u0641\u062d\u0635 \u0643\u0644 \u0637\u0644\u0628 HTTP \u0642\u0628\u0644 \u0648\u0635\u0648\u0644\u0647 \u0625\u0644\u0649 \u0645\u0648\u0642\u0639\u0643 \u0648\u064a\u062d\u0644\u0651\u0644 \u0645\u062d\u062a\u0648\u0627\u0647 \u0628\u062d\u062b\u0627\u064b \u0639\u0646 \u0623\u064a \u0645\u062d\u0627\u0648\u0644\u0629 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062e\u0628\u064a\u062b\u0629.<\/p>\n\n\n\n<p>\u0641\u064a \u0647\u0630\u0627 \u0627\u0644\u062f\u0644\u064a\u0644 \u0627\u0644\u0645\u062a\u0643\u0627\u0645\u0644 \u0633\u0646\u0642\u062f\u0645 \u0634\u0631\u062d ModSecurity \u0645\u0646 \u0627\u0644\u0635\u0641\u0631 \u062d\u062a\u0649 \u0627\u0644\u0627\u062d\u062a\u0631\u0627\u0641\u060c \u0628\u062f\u0621\u0627\u064b \u0645\u0646 \u0641\u0647\u0645 \u0622\u0644\u064a\u0629 \u0639\u0645\u0644\u0647 \u0643\u062c\u062f\u0627\u0631 \u0646\u0627\u0631\u064a \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 (Web Application Firewall)\u060c \u0645\u0631\u0648\u0631\u0627\u064b \u0628\u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u0639\u0645\u0644\u064a\u0629 \u0639\u0644\u0649 Apache \u0648 Nginx\u060c \u0648\u0635\u0648\u0644\u0627\u064b \u0625\u0644\u0649 \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f \u0645\u062e\u0635\u0635\u0629 \u0648\u062a\u062d\u0644\u064a\u0644 \u0633\u062c\u0644\u0627\u062a \u0627\u0644\u062d\u0645\u0627\u064a\u0629. 
\u0633\u0648\u0627\u0621 \u0643\u0646\u062a \u062a\u062f\u064a\u0631 \u0645\u0648\u0642\u0639 \u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633 \u0635\u063a\u064a\u0631 \u0623\u0648 \u0645\u0646\u0635\u0629 \u062a\u062c\u0627\u0631\u0629 \u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0629 \u0643\u0628\u064a\u0631\u0629\u060c \u0641\u0625\u0646 \u0625\u062a\u0642\u0627\u0646 \u0634\u0631\u062d ModSecurity \u0633\u064a\u0645\u0646\u062d\u0643 \u0637\u0628\u0642\u0629 \u062d\u0645\u0627\u064a\u0629 \u0623\u0633\u0627\u0633\u064a\u0629 \u0644\u0627 \u063a\u0646\u0649 \u0639\u0646\u0647\u0627 \u0636\u062f \u0623\u062e\u0637\u0631 \u062a\u0647\u062f\u064a\u062f\u0627\u062a \u0627\u0644\u0625\u0646\u062a\u0631\u0646\u062a.<\/p>\n\n\n\n<div class=\"table-of-contents\" style=\"background:#f8fafc;border:1px solid #e2e8f0;border-radius:12px;padding:1.5rem;margin:1.5rem 0;\"><p style=\"font-weight:700;font-size:1.05rem;margin-bottom:.75rem;\">\u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0645\u0642\u0627\u0644<\/p><ul style=\"list-style:none;padding:0;margin:0;\">\n<li style=\"padding:.35rem 0\"><a href=\"#section-2\">1. \u0645\u0627 \u0647\u0648 ModSecurity \u0648\u0644\u0645\u0627\u0630\u0627 \u062a\u062d\u062a\u0627\u062c\u0647\u061f<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-3\">2. \u0643\u064a\u0641 \u064a\u0639\u0645\u0644 ModSecurity \u0643\u0640 Web Application Firewall (WAF)\u061f<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-4\">3. \u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Apache (\u062f\u0644\u064a\u0644 \u0639\u0645\u0644\u064a)<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-5\">4. \u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Nginx<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-6\">5. \u062a\u0641\u0639\u064a\u0644 OWASP Core Rule Set (CRS)<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-7\">6. 
\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a SQL Injection<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-8\">7. \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a XSS (Cross-Site Scripting)<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-9\">8. \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a RFI \u0648 LFI<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-10\">9. \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f ModSecurity \u0645\u062e\u0635\u0635\u0629<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-11\">10. \u062a\u062d\u0644\u064a\u0644 \u0633\u062c\u0644\u0627\u062a ModSecurity \u0648\u0641\u0647\u0645\u0647\u0627<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-12\">11. \u062a\u062d\u0633\u064a\u0646 \u0623\u062f\u0627\u0621 ModSecurity \u0648\u062a\u0642\u0644\u064a\u0644 False Positives<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-13\">12. \u0625\u062f\u0627\u0631\u0629 ModSecurity \u0645\u0646 cPanel<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-14\">13. ModSecurity vs ImunifyAV vs Cloudflare WAF<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-15\">14. \u0627\u0644\u062e\u0644\u0627\u0635\u0629<\/a><\/li>\n<li style=\"padding:.35rem 0\"><a href=\"#section-16\">15. 
\u0627\u0644\u0623\u0633\u0626\u0644\u0629 \u0627\u0644\u0634\u0627\u0626\u0639\u0629<\/a><\/li>\n<\/ul><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-2\">\u0645\u0627 \u0647\u0648 ModSecurity \u0648\u0644\u0645\u0627\u0630\u0627 \u062a\u062d\u062a\u0627\u062c\u0647\u061f<\/h2>\n\n\n\n<p>ModSecurity \u0647\u0648 \u0645\u0634\u0631\u0648\u0639 \u0645\u0641\u062a\u0648\u062d \u0627\u0644\u0645\u0635\u062f\u0631 \u064a\u064f\u0639\u062f \u0627\u0644\u062c\u062f\u0627\u0631 \u0627\u0644\u0646\u0627\u0631\u064a \u0627\u0644\u0623\u0643\u062b\u0631 \u0634\u0639\u0628\u064a\u0629 \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0639\u0627\u0644\u0645\u060c \u062a\u0645 \u062a\u0637\u0648\u064a\u0631\u0647 \u0623\u0648\u0644 \u0645\u0631\u0629 \u0639\u0627\u0645 2002 \u0639\u0644\u0649 \u064a\u062f \u0625\u064a\u0641\u0627\u0646 \u0631\u064a\u0633\u062a\u064a\u062a\u0634 (Ivan Risti\u0107)\u060c \u062b\u0645 \u0627\u0646\u062a\u0642\u0644 \u0644\u0627\u062d\u0642\u0627\u064b \u0625\u0644\u0649 \u0634\u0631\u0643\u0629 Trustwave SpiderLabs\u060c \u0648\u0641\u064a \u0639\u0627\u0645 2024 \u0623\u0635\u0628\u062d \u062a\u062d\u062a \u0631\u0639\u0627\u064a\u0629 \u0645\u0624\u0633\u0633\u0629 OWASP. 
\u064a\u0639\u0645\u0644 \u0647\u0630\u0627 \u0627\u0644\u062c\u062f\u0627\u0631 \u0627\u0644\u0646\u0627\u0631\u064a \u0643\u0648\u062d\u062f\u0629 (module) \u062f\u0627\u062e\u0644 \u062e\u0627\u062f\u0645 \u0627\u0644\u0648\u064a\u0628\u060c \u0648\u064a\u0642\u0648\u0645 \u0628\u0641\u062d\u0635 \u0643\u0644 \u0637\u0644\u0628\u0627\u062a HTTP \u0627\u0644\u0648\u0627\u0631\u062f\u0629 \u0648\u0627\u0644\u0635\u0627\u062f\u0631\u0629 \u0641\u064a \u0627\u0644\u0648\u0642\u062a \u0627\u0644\u0641\u0639\u0644\u064a\u060c \u0645\u0642\u0627\u0631\u0646\u0629\u064b \u0625\u064a\u0627\u0647\u0627 \u0628\u0645\u062c\u0645\u0648\u0639\u0629 \u0645\u0646 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0645\u064f\u0639\u0631\u0651\u0641\u0629 \u0645\u0633\u0628\u0642\u0627\u064b \u0644\u0644\u0643\u0634\u0641 \u0639\u0646 \u0623\u064a \u0646\u0634\u0627\u0637 \u062e\u0628\u064a\u062b \u0648\u062d\u062c\u0628\u0647 \u0642\u0628\u0644 \u0648\u0635\u0648\u0644\u0647 \u0625\u0644\u0649 \u0627\u0644\u062a\u0637\u0628\u064a\u0642.<\/p>\n\n\n\n<p><strong>\u0642\u0628\u0644 \u0642\u0631\u0627\u0621\u0629 \u0647\u0630\u0627 \u0627\u0644\u0645\u0642\u0627\u0644:<\/strong> \u0625\u0630\u0627 \u0643\u0646\u062a \u0645\u0628\u062a\u062f\u0626\u0627\u064b \u0641\u064a \u0639\u0627\u0644\u0645 \u0623\u0645\u0646 \u0627\u0644\u0645\u0648\u0627\u0642\u0639\u060c \u0646\u0646\u0635\u062d\u0643 \u0628\u0642\u0631\u0627\u0621\u0629 <a href=\"https:\/\/maram.iq\/blogs\/%d8%b4%d9%87%d8%a7%d8%af%d8%a9-ssl-%d8%a7%d9%84%d8%af%d9%84%d9%8a%d9%84-%d8%a7%d9%84%d8%b4%d8%a7%d9%85%d9%84-%d9%84%d8%aa%d8%a3%d9%85%d9%8a%d9%86-%d9%85%d9%88%d9%82%d8%b9%d9%83\/\">\u062f\u0644\u064a\u0644 \u0634\u0647\u0627\u062f\u0627\u062a SSL<\/a> \u0648<a href=\"https:\/\/maram.iq\/blogs\/%d8%aa%d8%ad%d9%85%d9%8a-%d9%85%d9%88%d9%82%d8%b9-%d9%88%d9%88%d8%b1%d8%af%d8%a8%d8%b1%d9%8a%d8%b3-%d9%87%d8%ac%d9%85%d8%a7%d8%aa-%d8%b4%d8%a7%d8%a6%d8%b9%d8%a9-2026\/\">\u062d\u0645\u0627\u064a\u0629 
\u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633 \u0645\u0646 7 \u0647\u062c\u0645\u0627\u062a \u0634\u0627\u0626\u0639\u0629<\/a> \u0623\u0648\u0644\u0627\u064b. \u0643\u0630\u0644\u0643 \u0625\u0630\u0627 \u0643\u0646\u062a \u062a\u062f\u064a\u0631 \u0633\u064a\u0631\u0641\u0631 VPS\u060c \u0627\u0637\u0644\u0639 \u0639\u0644\u0649 <a href=\"https:\/\/maram.iq\/blogs\/%d8%aa%d8%a3%d9%85%d9%8a%d9%86-%d8%b3%d9%8a%d8%b1%d9%81%d8%b1-linux\/\">\u062f\u0644\u064a\u0644 \u062a\u0623\u0645\u064a\u0646 \u0633\u064a\u0631\u0641\u0631 Linux \u0641\u064a 15 \u062f\u0642\u064a\u0642\u0629<\/a>.<\/p>\n\n\n\n<p>\u0627\u0644\u062d\u0627\u062c\u0629 \u0625\u0644\u0649 ModSecurity \u0623\u0635\u0628\u062d\u062a \u0645\u0644\u062d\u0651\u0629 \u062c\u062f\u0627\u064b \u0641\u064a 2026\u060c \u0641\u0628\u062d\u0633\u0628 \u062a\u0642\u0627\u0631\u064a\u0631 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0627\u0644\u062d\u062f\u064a\u062b\u0629\u060c \u0641\u0625\u0646 \u0623\u0643\u062b\u0631 \u0645\u0646 70% \u0645\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0646\u0627\u062c\u062d\u0629 \u0639\u0644\u0649 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u062a\u0633\u062a\u0647\u062f\u0641 \u0637\u0628\u0642\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0648\u0644\u064a\u0633 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629\u060c \u0623\u064a \u0623\u0646 \u0627\u0644\u062c\u062f\u0631\u0627\u0646 \u0627\u0644\u0646\u0627\u0631\u064a\u0629 \u0627\u0644\u062a\u0642\u0644\u064a\u062f\u064a\u0629 \u0645\u062b\u0644 iptables \u0648 UFW \u0639\u0627\u062c\u0632\u0629 \u0639\u0646 \u0635\u062f\u0651\u0647\u0627 \u0644\u0623\u0646\u0647\u0627 \u0644\u0627 \u062a\u0641\u0647\u0645 \u0645\u062d\u062a\u0648\u0649 \u0637\u0644\u0628\u0627\u062a HTTP. 
\u0647\u0646\u0627 \u062a\u0623\u062a\u064a \u0642\u0648\u0629 ModSecurity \u0641\u064a \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0643\u0644 \u0637\u0644\u0628: \u062a\u0631\u0648\u064a\u0633\u0627\u062a HTTP\u060c \u0645\u0639\u0627\u0645\u0644\u0627\u062a GET \u0648 POST\u060c \u0627\u0644\u0643\u0648\u0643\u064a\u0632\u060c \u062d\u062a\u0649 \u0645\u062d\u062a\u0648\u0649 \u0631\u0641\u0639 \u0627\u0644\u0645\u0644\u0641\u0627\u062a\u060c \u0648\u0643\u0644\u0647\u0627 \u062a\u062e\u0636\u0639 \u0644\u062a\u062d\u0644\u064a\u0644 \u062f\u0642\u064a\u0642 \u0642\u0628\u0644 \u062a\u0633\u0644\u064a\u0645\u0647\u0627 \u0644\u0644\u062a\u0637\u0628\u064a\u0642.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u0645\u0632\u0627\u064a\u0627 \u0627\u0644\u0631\u0626\u064a\u0633\u064a\u0629 \u0644\u0627\u0633\u062a\u062e\u062f\u0627\u0645 ModSecurity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a OWASP Top 10 \u0628\u0634\u0643\u0644 \u0634\u0627\u0645\u0644 \u0648\u0645\u064f\u062a\u0643\u0627\u0645\u0644.<\/li>\n\n\n\n<li>\u0642\u0627\u0628\u0644\u064a\u0629 \u0627\u0644\u062a\u0648\u0633\u0639 \u0648\u0627\u0644\u062a\u062e\u0635\u064a\u0635 \u0639\u0628\u0631 \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f \u062e\u0627\u0635\u0629 \u0628\u0637\u0628\u064a\u0639\u0629 \u0645\u0648\u0642\u0639\u0643.<\/li>\n\n\n\n<li>\u0633\u062c\u0644\u0627\u062a \u062a\u0641\u0635\u064a\u0644\u064a\u0629 \u062a\u0633\u0627\u0639\u062f \u0641\u064a \u0627\u0644\u062a\u062d\u0642\u064a\u0642 \u0627\u0644\u062c\u0646\u0627\u0626\u064a \u0627\u0644\u0631\u0642\u0645\u064a \u0628\u0639\u062f \u0627\u0644\u062d\u0648\u0627\u062f\u062b.<\/li>\n\n\n\n<li>\u062f\u0639\u0645 Virtual Patching \u0644\u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0642\u0628\u0644 \u062a\u062d\u062f\u064a\u062b\u0647\u0627 
\u0631\u0633\u0645\u064a\u0627\u064b.<\/li>\n\n\n\n<li>\u0639\u0645\u0644 \u0636\u0645\u0646 \u0646\u0641\u0633 \u0639\u0645\u0644\u064a\u0629 \u062e\u0627\u062f\u0645 \u0627\u0644\u0648\u064a\u0628 \u0645\u0645\u0627 \u064a\u0642\u0644\u0644 overhead \u0627\u0644\u0634\u0628\u0643\u0629.<\/li>\n\n\n\n<li>\u0645\u062c\u0627\u0646\u064a \u0648\u0645\u0641\u062a\u0648\u062d \u0627\u0644\u0645\u0635\u062f\u0631 \u0628\u0644\u0627 \u0623\u064a \u0631\u0633\u0648\u0645 \u062a\u0631\u062e\u064a\u0635.<\/li>\n\n\n\n<li>\u062f\u0639\u0645 \u0645\u062a\u064a\u0646 \u0645\u0646 \u0645\u062c\u062a\u0645\u0639 OWASP \u0639\u0628\u0631 \u0645\u062c\u0645\u0648\u0639\u0629 CRS \u0627\u0644\u0634\u0647\u064a\u0631\u0629.<\/li>\n<\/ul>\n\n\n\n<p>\u062a\u0633\u062a\u062e\u062f\u0645 \u0622\u0644\u0627\u0641 \u0627\u0644\u0634\u0631\u0643\u0627\u062a \u062d\u0648\u0644 \u0627\u0644\u0639\u0627\u0644\u0645 ModSecurity \u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0627\u0642\u0639\u0647\u0627\u060c \u0645\u0646 \u0628\u0646\u0648\u0643 \u0648\u0645\u0624\u0633\u0633\u0627\u062a \u062d\u0643\u0648\u0645\u064a\u0629 \u0625\u0644\u0649 \u0645\u062a\u0627\u062c\u0631 \u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0629 \u0643\u0628\u0631\u0649. 
\u0648\u064a\u064f\u0639\u062f \u062c\u0632\u0621\u0627\u064b \u0642\u064a\u0627\u0633\u064a\u0627\u064b \u0645\u0646 \u0645\u0639\u0638\u0645 \u0644\u0648\u062d\u0627\u062a \u062a\u062d\u0643\u0645 \u0627\u0644\u0627\u0633\u062a\u0636\u0627\u0641\u0629 \u0645\u062b\u0644 cPanel \u0648 Plesk \u0648 DirectAdmin\u060c \u0648\u064a\u0645\u0643\u0646 \u062a\u0634\u063a\u064a\u0644\u0647 \u0623\u064a\u0636\u0627\u064b \u0628\u0634\u0643\u0644 \u0645\u0633\u062a\u0642\u0644 \u0639\u0644\u0649 VPS \u0623\u0648 Dedicated Server.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-3\">\u0643\u064a\u0641 \u064a\u0639\u0645\u0644 ModSecurity \u0643\u0640 Web Application Firewall (WAF)\u061f<\/h2>\n\n\n\n<p>\u0644\u0641\u0647\u0645 \u0622\u0644\u064a\u0629 \u0639\u0645\u0644 ModSecurity \u0628\u0639\u0645\u0642\u060c \u064a\u062c\u0628 \u0623\u0646 \u0646\u062a\u0635\u0648\u0631 \u062f\u0648\u0631\u0629 \u062d\u064a\u0627\u0629 \u0637\u0644\u0628 HTTP \u0627\u0644\u0643\u0627\u0645\u0644\u0629 \u0645\u0646\u0630 \u0644\u062d\u0638\u0629 \u0648\u0635\u0648\u0644\u0647 \u0625\u0644\u0649 \u0627\u0644\u0633\u064a\u0631\u0641\u0631 \u062d\u062a\u0649 \u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0648\u0625\u0631\u0633\u0627\u0644 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645. 
ModSecurity \u064a\u062a\u0645\u0648\u0636\u0639 \u0628\u064a\u0646 \u062e\u0627\u062f\u0645 \u0627\u0644\u0648\u064a\u0628 (Apache \u0623\u0648 Nginx) \u0648\u0628\u064a\u0646 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0641\u0639\u0644\u064a (PHP \u0623\u0648 Python \u0623\u0648 \u063a\u064a\u0631\u0647\u0627)\u060c \u0648\u064a\u0639\u0645\u0644 \u0648\u0641\u0642 \u0646\u0645\u0648\u0630\u062c \u062e\u0645\u0633 \u0645\u0631\u0627\u062d\u0644 (Five Phases) \u062a\u063a\u0637\u064a \u0643\u0644 \u062f\u0648\u0631\u0629 \u0627\u0644\u0637\u0644\u0628 \u0648\u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0628\u0627\u0644\u0643\u0627\u0645\u0644\u060c \u0648\u0647\u0630\u0627 \u0645\u0627 \u064a\u0645\u064a\u0632\u0647 \u0639\u0646 \u0623\u062f\u0648\u0627\u062a \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u062a\u064a \u062a\u0631\u0643\u0632 \u0641\u0642\u0637 \u0639\u0644\u0649 \u062a\u0631\u0648\u064a\u0633\u0627\u062a HTTP \u0623\u0648 \u0639\u0646\u0627\u0648\u064a\u0646 URL.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u0645\u0631\u0627\u062d\u0644 \u0627\u0644\u062e\u0645\u0633 \u0644\u0645\u0639\u0627\u0644\u062c\u0629 ModSecurity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Phase 1 &#8211; Request Headers:<\/strong> \u0641\u062d\u0635 \u062a\u0631\u0648\u064a\u0633\u0627\u062a \u0627\u0644\u0637\u0644\u0628 \u0645\u062b\u0644 User-Agent \u0648 Cookie \u0648 Referer.<\/li>\n\n\n\n<li><strong>Phase 2 &#8211; Request Body:<\/strong> \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0637\u0644\u0628 \u0628\u0645\u0627 \u0641\u064a\u0647\u0627 \u0645\u0639\u0627\u0645\u0644\u0627\u062a POST \u0648 JSON \u0648 XML.<\/li>\n\n\n\n<li><strong>Phase 3 &#8211; Response Headers:<\/strong> \u0641\u062d\u0635 \u062a\u0631\u0648\u064a\u0633\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0642\u0628\u0644 \u0625\u0631\u0633\u0627\u0644\u0647\u0627 
\u0644\u0644\u0639\u0645\u064a\u0644.<\/li>\n\n\n\n<li><strong>Phase 4 &#8211; Response Body:<\/strong> \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0644\u0645\u0646\u0639 \u062a\u0633\u0631\u064a\u0628 \u0628\u064a\u0627\u0646\u0627\u062a \u062d\u0633\u0627\u0633\u0629.<\/li>\n\n\n\n<li><strong>Phase 5 &#8211; Logging:<\/strong> \u062a\u0633\u062c\u064a\u0644 \u0627\u0644\u0623\u062d\u062f\u0627\u062b \u0641\u064a \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0633\u062c\u0644 \u0644\u0644\u062a\u062d\u0644\u064a\u0644 \u0644\u0627\u062d\u0642\u0627\u064b.<\/li>\n<\/ul>\n\n\n\n<p>\u0643\u0644 \u0642\u0627\u0639\u062f\u0629 \u0641\u064a ModSecurity \u062a\u064f\u0643\u062a\u0628 \u0628\u0644\u063a\u0629 SecRule \u0627\u0644\u0645\u062e\u0635\u0635\u0629\u060c \u0648\u062a\u064f\u062d\u062f\u062f \u0639\u0646\u062f \u0623\u064a \u0645\u0631\u062d\u0644\u0629 \u064a\u062c\u0628 \u062a\u0637\u0628\u064a\u0642\u0647\u0627 \u0648\u0645\u0627 \u0627\u0644\u0625\u062c\u0631\u0627\u0621 \u0627\u0644\u0645\u0637\u0644\u0648\u0628 \u0627\u062a\u062e\u0627\u0630\u0647 \u0639\u0646\u062f \u062a\u0637\u0627\u0628\u0642\u0647\u0627. 
\u0647\u0630\u0647 \u0627\u0644\u0645\u0631\u0648\u0646\u0629 \u062a\u0645\u0646\u062d \u0627\u0644\u0645\u0633\u0624\u0648\u0644 \u0642\u062f\u0631\u0629 \u0647\u0627\u0626\u0644\u0629 \u0639\u0644\u0649 \u0636\u0628\u0637 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0628\u062f\u0642\u0629\u060c \u0641\u064a\u0645\u0643\u0646\u0643 \u0645\u062b\u0644\u0627\u064b \u0645\u0646\u0639 \u0631\u0641\u0639 \u0645\u0644\u0641\u0627\u062a \u0628\u0627\u0645\u062a\u062f\u0627\u062f\u0627\u062a \u0645\u0639\u064a\u0646\u0629 \u0641\u064a Phase 2\u060c \u0623\u0648 \u0625\u062e\u0641\u0627\u0621 \u062a\u0631\u0648\u064a\u0633\u0629 Server \u0641\u064a Phase 3 \u0644\u0625\u062e\u0641\u0627\u0621 \u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0627\u0644\u0633\u064a\u0631\u0641\u0631 \u0639\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0648\u0636\u0627\u0639 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0641\u064a ModSecurity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>DetectionOnly:<\/strong> \u064a\u0643\u062a\u0634\u0641 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0648\u064a\u0633\u062c\u0644\u0647\u0627 \u0641\u0642\u0637 \u062f\u0648\u0646 \u062d\u062c\u0628\u0647\u0627\u060c \u0645\u0641\u064a\u062f \u0644\u0644\u0627\u062e\u062a\u0628\u0627\u0631 \u0627\u0644\u0623\u0648\u0644\u064a.<\/li>\n\n\n\n<li><strong>On:<\/strong> \u0627\u0644\u0648\u0636\u0639 \u0627\u0644\u0643\u0627\u0645\u0644 \u0627\u0644\u0630\u064a \u064a\u0643\u062a\u0634\u0641 \u0648\u064a\u062d\u062c\u0628 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u062a\u0644\u0642\u0627\u0626\u064a\u0627\u064b.<\/li>\n\n\n\n<li><strong>Off:<\/strong> \u062a\u0639\u0637\u064a\u0644 ModSecurity \u0628\u0627\u0644\u0643\u0627\u0645\u0644\u060c \u0644\u0627 \u064a\u064f\u0646\u0635\u062d \u0628\u0647 \u0639\u0644\u0649 \u0627\u0644\u0628\u064a\u0626\u0627\u062a 
\u0627\u0644\u0625\u0646\u062a\u0627\u062c\u064a\u0629.<\/li>\n<\/ul>\n\n\n\n<p>\u064a\u0646\u0635\u062d \u062e\u0628\u0631\u0627\u0621 \u0627\u0644\u0623\u0645\u0646 \u062f\u0627\u0626\u0645\u0627\u064b \u0628\u062a\u0634\u063a\u064a\u0644 ModSecurity \u0641\u064a \u0648\u0636\u0639 DetectionOnly \u0644\u0645\u062f\u0629 \u0623\u0633\u0628\u0648\u0639 \u0643\u0627\u0645\u0644 \u0639\u0644\u0649 \u0627\u0644\u0623\u0642\u0644 \u0639\u0646\u062f \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u0623\u0648\u0644 \u0644\u0645\u0631\u0627\u0642\u0628\u0629 \u0627\u0644\u0633\u0644\u0648\u0643 \u0627\u0644\u0637\u0628\u064a\u0639\u064a \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0648\u0627\u0644\u062a\u0639\u0631\u0641 \u0639\u0644\u0649 \u0623\u064a False Positives \u0645\u062d\u062a\u0645\u0644\u0629\u060c \u062b\u0645 \u0627\u0644\u0627\u0646\u062a\u0642\u0627\u0644 \u062a\u062f\u0631\u064a\u062c\u064a\u0627\u064b \u0625\u0644\u0649 \u0627\u0644\u0648\u0636\u0639 \u0627\u0644\u0643\u0627\u0645\u0644 On \u0628\u0639\u062f \u0636\u0628\u0637 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0628\u0634\u0643\u0644 \u0633\u0644\u064a\u0645. 
\u0647\u0630\u0627 \u0627\u0644\u0645\u0646\u0647\u062c \u0627\u0644\u062a\u062f\u0631\u064a\u062c\u064a \u064a\u062d\u0645\u064a \u062a\u062c\u0631\u0628\u0629 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0645\u0646 \u0627\u0644\u0627\u0646\u0642\u0637\u0627\u0639 \u0627\u0644\u0645\u0641\u0627\u062c\u0626 \u0628\u0633\u0628\u0628 \u0642\u0648\u0627\u0639\u062f \u0635\u0627\u0631\u0645\u0629 \u062c\u062f\u0627\u064b.<\/p>\n\n\n\n<div style=\"border-right:4px solid #7c3aed;background:#f5f3ff;padding:1.5rem;border-radius:0 12px 12px 0;margin:2rem 0\">\n<p style=\"margin:0 0 .5rem;font-weight:700;color:#4f46e5\">\u062d\u0645\u0627\u064a\u0629 \u0627\u062d\u062a\u0631\u0627\u0641\u064a\u0629 \u0628\u062f\u0648\u0646 \u062a\u0639\u0642\u064a\u062f<\/p>\n<p style=\"margin:0;color:#374151\">\u062d\u0645\u0627\u064a\u0629 ModSecurity \u0645\u062f\u0645\u062c\u0629 \u0641\u064a \u0643\u0644 \u062e\u0637\u0637 \u0645\u0631\u0627\u0645 \u0647\u0648\u0633\u062a \u0645\u0639 \u0642\u0648\u0627\u0639\u062f OWASP CRS \u0645\u064f\u062d\u062f\u0651\u062b\u0629 \u062a\u0644\u0642\u0627\u0626\u064a\u0627\u064b \u0648\u0636\u0628\u0637 \u0645\u0633\u0628\u0642 \u064a\u062d\u062c\u0628 99% \u0645\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a. 
<a href=\"https:\/\/maram.iq\" target=\"_blank\" rel=\"noopener\" style=\"color:#4f46e5;font-weight:600\">\u0627\u0628\u062f\u0623 \u0645\u0646 \u0647\u0646\u0627<\/a>.<\/p>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-4\">\u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Apache (\u062f\u0644\u064a\u0644 \u0639\u0645\u0644\u064a)<\/h2>\n\n\n\n<p>\u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Apache \u0647\u0648 \u0627\u0644\u0633\u064a\u0646\u0627\u0631\u064a\u0648 \u0627\u0644\u0623\u0643\u062b\u0631 \u0634\u064a\u0648\u0639\u0627\u064b \u0648\u0623\u0633\u0647\u0644 \u0628\u0643\u062b\u064a\u0631 \u0645\u0646 Nginx \u0628\u0641\u0636\u0644 \u0648\u062c\u0648\u062f \u0648\u062d\u062f\u0629 libapache2-mod-security2 \u0627\u0644\u062c\u0627\u0647\u0632\u0629 \u0641\u064a \u0645\u0639\u0638\u0645 \u062a\u0648\u0632\u064a\u0639\u0627\u062a Linux. \u0633\u0646\u0633\u062a\u0639\u0631\u0636 \u0647\u0646\u0627 \u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u0643\u0627\u0645\u0644\u0629 \u0639\u0644\u0649 Ubuntu 24.04 \u0648 CentOS Stream 10 \u0648 AlmaLinux 10\u060c \u0645\u0639 \u0634\u0631\u062d \u0643\u0644 \u0623\u0645\u0631 \u0648\u062f\u0648\u0631\u0647. \u0642\u0628\u0644 \u0627\u0644\u0628\u062f\u0621 \u062a\u0623\u0643\u062f \u0623\u0646 \u0644\u062f\u064a\u0643 \u0635\u0644\u0627\u062d\u064a\u0627\u062a root \u0623\u0648 sudo \u0639\u0644\u0649 \u0627\u0644\u0633\u064a\u0631\u0641\u0631\u060c \u0648\u0623\u0646 \u062e\u0627\u062f\u0645 Apache \u064a\u0639\u0645\u0644 \u0628\u0634\u0643\u0644 \u0633\u0644\u064a\u0645. 
\u0627\u0644\u0645\u0648\u0642\u0639 \u0627\u0644\u0631\u0633\u0645\u064a <a href=\"https:\/\/httpd.apache.org\/\" target=\"_blank\" rel=\"noopener\">httpd.apache.org<\/a> \u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0648\u062b\u0627\u0626\u0642 \u0627\u0644\u062a\u0643\u0648\u064a\u0646 \u0627\u0644\u0623\u0633\u0627\u0633\u064a\u0629 \u0644\u062e\u0627\u062f\u0645 Apache.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0639\u0644\u0649 Ubuntu\/Debian<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u062a\u062d\u062f\u064a\u062b \u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u062d\u0632\u0645\nsudo apt update\n\n# \u062a\u062b\u0628\u064a\u062a ModSecurity v2 \u0644\u0640 Apache\nsudo apt install libapache2-mod-security2 -y\n\n# \u062a\u0641\u0639\u064a\u0644 \u0627\u0644\u0648\u062d\u062f\u0629 \u0641\u064a Apache\nsudo a2enmod security2\n\n# \u0646\u0633\u062e \u0645\u0644\u0641 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a \u0627\u0644\u0645\u0648\u0635\u0649 \u0628\u0647\nsudo cp \/etc\/modsecurity\/modsecurity.conf-recommended \\\n        \/etc\/modsecurity\/modsecurity.conf\n\n# \u062a\u0641\u0639\u064a\u0644 \u0627\u0644\u0648\u0636\u0639 On (\u0627\u0644\u0645\u0646\u0639 \u0648\u0644\u064a\u0633 \u0627\u0644\u0643\u0634\u0641 \u0641\u0642\u0637)\nsudo sed -i 's\/SecRuleEngine DetectionOnly\/SecRuleEngine On\/' \\\n        \/etc\/modsecurity\/modsecurity.conf\n\n# \u0625\u0639\u0627\u062f\u0629 \u062a\u0634\u063a\u064a\u0644 Apache \u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a\nsudo systemctl restart apache2\n\n# \u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0648\u062d\u062f\u0629\nsudo apache2ctl -M | grep security<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0639\u0644\u0649 CentOS\/AlmaLinux\/Rocky Linux<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># 
\u062a\u062b\u0628\u064a\u062a EPEL repository \u0623\u0648\u0644\u0627\u064b\nsudo dnf install epel-release -y\n\n# \u062a\u062b\u0628\u064a\u062a ModSecurity\nsudo dnf install mod_security -y\n\n# \u0646\u0633\u062e \u0645\u0644\u0641 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a\nsudo cp \/etc\/httpd\/conf.d\/mod_security.conf.bak \\\n        \/etc\/httpd\/conf.d\/mod_security.conf\n\n# \u062a\u0641\u0639\u064a\u0644 \u0627\u0644\u0645\u062d\u0631\u0643\nsudo sed -i 's\/SecRuleEngine DetectionOnly\/SecRuleEngine On\/' \\\n        \/etc\/httpd\/conf.d\/mod_security.conf\n\n# \u0625\u0639\u0627\u062f\u0629 \u062a\u0634\u063a\u064a\u0644 Apache\nsudo systemctl restart httpd\nsudo systemctl enable httpd<\/code><\/pre>\n\n\n\n<p>\u0628\u0639\u062f \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u064a\u062c\u0628 \u0627\u0644\u062a\u0623\u0643\u062f \u0645\u0646 \u0623\u0646 ModSecurity \u064a\u0639\u0645\u0644 \u0641\u0639\u0644\u064a\u0627\u064b \u0639\u0628\u0631 \u0641\u062d\u0635 \u0645\u0644\u0641 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a \u0627\u0644\u0631\u0626\u064a\u0633\u064a \u0648\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u0627\u0644\u0642\u064a\u0645 \u0627\u0644\u0623\u0633\u0627\u0633\u064a\u0629 \u0645\u062b\u0644 SecRuleEngine \u0648 SecRequestBodyAccess \u0648 SecResponseBodyAccess. 
\u0627\u0644\u0625\u0639\u062f\u0627\u062f \u0627\u0644\u0645\u0648\u0635\u0649 \u0628\u0647 \u0647\u0648 \u062a\u0634\u063a\u064a\u0644 \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0637\u0644\u0628 \u0648\u062a\u0639\u0637\u064a\u0644 \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0644\u062a\u0642\u0644\u064a\u0644 \u0627\u0644\u062d\u0645\u0644 \u0639\u0644\u0649 \u0627\u0644\u0633\u064a\u0631\u0641\u0631\u060c \u062e\u0627\u0635\u0629 \u0639\u0644\u0649 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u0630\u0627\u062a \u0627\u0644\u0632\u0648\u0627\u0631 \u0627\u0644\u0643\u062b\u064a\u0641.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-5\">\u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Nginx<\/h2>\n\n\n\n<p>\u062a\u062b\u0628\u064a\u062a ModSecurity \u0639\u0644\u0649 Nginx \u0623\u0643\u062b\u0631 \u062a\u0639\u0642\u064a\u062f\u0627\u064b \u0642\u0644\u064a\u0644\u0627\u064b \u0645\u0646 Apache \u0644\u0623\u0646\u0647 \u064a\u062a\u0637\u0644\u0628 \u0641\u064a \u0645\u0639\u0638\u0645 \u0627\u0644\u0623\u062d\u064a\u0627\u0646 \u0625\u0639\u0627\u062f\u0629 \u0628\u0646\u0627\u0621 (compile) \u062e\u0627\u062f\u0645 Nginx \u0645\u0646 \u0627\u0644\u0645\u0635\u062f\u0631 \u0645\u0639 \u0648\u062d\u062f\u0629 ModSecurity-Nginx Connector\u060c \u0648\u0644\u0643\u0646 \u0627\u0644\u0646\u062a\u064a\u062c\u0629 \u062a\u0633\u062a\u062d\u0642 \u0627\u0644\u0639\u0646\u0627\u0621 \u0628\u0627\u0644\u0646\u0633\u0628\u0629 \u0644\u0644\u0633\u064a\u0631\u0641\u0631\u0627\u062a \u0639\u0627\u0644\u064a\u0629 \u0627\u0644\u0623\u062f\u0627\u0621 \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u0636\u064a\u0641 \u0639\u0634\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u0627\u0642\u0639. 
\u0627\u0644\u0645\u0631\u062c\u0639 \u0627\u0644\u0631\u0633\u0645\u064a <a href=\"https:\/\/nginx.org\/\" target=\"_blank\" rel=\"noopener\">nginx.org<\/a> \u064a\u0642\u062f\u0645 \u0648\u062b\u0627\u0626\u0642 \u0645\u0641\u0635\u0644\u0629 \u0639\u0646 \u0628\u0646\u0627\u0621 \u0648\u062d\u062f\u0627\u062a Nginx \u0627\u0644\u062f\u064a\u0646\u0627\u0645\u064a\u0643\u064a\u0629.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u062e\u0637\u0648\u0627\u062a \u0628\u0646\u0627\u0621 Nginx \u0645\u0639 ModSecurity \u0645\u0646 \u0627\u0644\u0645\u0635\u062f\u0631<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u062a\u062b\u0628\u064a\u062a \u0623\u062f\u0648\u0627\u062a \u0627\u0644\u0628\u0646\u0627\u0621 \u0648\u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f\u064a\u0627\u062a\nsudo apt install -y git build-essential libpcre3 libpcre3-dev \\\n    libssl-dev libtool autoconf apache2-dev libxml2-dev \\\n    libcurl4-openssl-dev automake pkgconf libgeoip-dev liblua5.3-dev\n\n# \u062a\u0646\u0632\u064a\u0644 \u0648\u0628\u0646\u0627\u0621 libmodsecurity v3\ncd \/opt\nsudo git clone --depth 1 -b v3\/master \\\n    https:&#47;&#47;github.com\/SpiderLabs\/ModSecurity\ncd ModSecurity\nsudo git submodule init\nsudo git submodule update\nsudo .\/build.sh\nsudo .\/configure\nsudo make -j$(nproc)\nsudo make install\n\n# \u062a\u0646\u0632\u064a\u0644 ModSecurity-Nginx Connector\ncd \/opt\nsudo git clone --depth 1 \\\n    https:\/\/github.com\/SpiderLabs\/ModSecurity-nginx\n\n# \u062a\u0646\u0632\u064a\u0644 \u0645\u0635\u062f\u0631 Nginx \u0628\u0646\u0641\u0633 \u0627\u0644\u0646\u0633\u062e\u0629 \u0627\u0644\u0645\u062b\u0628\u062a\u0629\nnginx -v # \u062a\u062d\u0642\u0642 \u0645\u0646 \u0627\u0644\u0625\u0635\u062f\u0627\u0631\ncd \/opt\nsudo wget https:\/\/nginx.org\/download\/nginx-1.27.4.tar.gz\nsudo tar xzf nginx-1.27.4.tar.gz\ncd nginx-1.27.4\n\n# \u0628\u0646\u0627\u0621 \u0648\u062d\u062f\u0629 \u062f\u064a\u0646\u0627\u0645\u064a\u0643\u064a\u0629\nsudo 
.\/configure --with-compat \\\n    --add-dynamic-module=\/opt\/ModSecurity-nginx\nsudo make modules\n\n# \u0646\u0633\u062e \u0627\u0644\u0648\u062d\u062f\u0629 \u0644\u0645\u0633\u0627\u0631 \u0648\u062d\u062f\u0627\u062a Nginx\nsudo cp objs\/ngx_http_modsecurity_module.so \\\n    \/usr\/share\/nginx\/modules\/<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">\u062a\u0643\u0648\u064a\u0646 Nginx \u0644\u0627\u0633\u062a\u062e\u062f\u0627\u0645 ModSecurity<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0623\u0636\u0641 \u0647\u0630\u0647 \u0627\u0644\u0633\u0637\u0648\u0631 \u0641\u064a \u0628\u062f\u0627\u064a\u0629 \/etc\/nginx\/nginx.conf\nload_module modules\/ngx_http_modsecurity_module.so;\n\n# \u062f\u0627\u062e\u0644 \u0628\u0644\u0648\u0643 server \u0623\u0648 http\nmodsecurity on;\nmodsecurity_rules_file \/etc\/nginx\/modsec\/main.conf;\n\n# \u0641\u064a \u0645\u0644\u0641 \/etc\/nginx\/modsec\/main.conf\nInclude \/etc\/nginx\/modsec\/modsecurity.conf\nInclude \/usr\/local\/owasp-crs\/crs-setup.conf\nInclude \/usr\/local\/owasp-crs\/rules\/*.conf<\/code><\/pre>\n\n\n\n<p>\u0628\u0639\u062f \u0625\u0639\u0627\u062f\u0629 \u062a\u0634\u063a\u064a\u0644 Nginx \u0628\u0623\u0645\u0631 sudo systemctl restart nginx\u060c \u064a\u0645\u0643\u0646\u0643 \u0627\u062e\u062a\u0628\u0627\u0631 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0628\u0625\u0631\u0633\u0627\u0644 \u0637\u0644\u0628 \u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0646\u0645\u0637 XSS \u0628\u0633\u064a\u0637 \u0645\u062b\u0644 ?test=&lt;script&gt;alert(1)&lt;\/script&gt; \u0648\u064a\u062c\u0628 \u0623\u0646 \u062a\u0633\u062a\u0644\u0645 \u0627\u0633\u062a\u062c\u0627\u0628\u0629 403 Forbidden \u0625\u0630\u0627 \u0643\u0627\u0646\u062a \u0642\u0648\u0627\u0639\u062f OWASP CRS \u0645\u0641\u0639\u0651\u0644\u0629. 
\u0647\u0630\u0627 \u0627\u0644\u0627\u062e\u062a\u0628\u0627\u0631 \u0627\u0644\u0628\u0633\u064a\u0637 \u064a\u0624\u0643\u062f \u0623\u0646 \u0627\u0644\u0645\u0646\u0638\u0648\u0645\u0629 \u062a\u0639\u0645\u0644 \u0648\u064a\u062d\u062c\u0628 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0641\u0639\u0644\u064a\u0629.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-6\">\u062a\u0641\u0639\u064a\u0644 OWASP Core Rule Set (CRS)<\/h2>\n\n\n\n<p>OWASP Core Rule Set \u0623\u0648 \u0627\u062e\u062a\u0635\u0627\u0631\u0627\u064b CRS \u0647\u064a \u0645\u062c\u0645\u0648\u0639\u0629 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0642\u064a\u0627\u0633\u064a\u0629 \u0627\u0644\u0623\u0643\u062b\u0631 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0627\u064b \u0645\u0639 ModSecurity\u060c \u0648\u062a\u064f\u0639\u062f \u0628\u0645\u062b\u0627\u0628\u0629 &#8220;\u0627\u0644\u0630\u062e\u064a\u0631\u0629&#8221; \u0627\u0644\u062a\u064a \u064a\u0633\u062a\u062e\u062f\u0645\u0647\u0627 \u0647\u0630\u0627 \u0627\u0644\u062c\u062f\u0627\u0631 \u0627\u0644\u0646\u0627\u0631\u064a \u0644\u0627\u0643\u062a\u0634\u0627\u0641 \u0627\u0644\u0647\u062c\u0645\u0627\u062a. \u0628\u062f\u0648\u0646 \u0642\u0648\u0627\u0639\u062f CRS\u060c \u0641\u0625\u0646 ModSecurity \u064a\u0639\u0645\u0644 \u0643\u0645\u062d\u0631\u0643 \u0641\u0627\u0631\u063a \u0644\u0627 \u064a\u062d\u062c\u0628 \u0623\u064a \u0634\u064a\u0621. CRS \u062a\u0637\u0648\u0631\u0647\u0627 \u0645\u062c\u0645\u0648\u0639\u0629 OWASP \u0645\u0646\u0630 2006 \u0648\u062a\u064f\u062d\u062f\u064e\u0651\u062b \u0628\u0627\u0633\u062a\u0645\u0631\u0627\u0631 \u0644\u062a\u063a\u0637\u064a \u0623\u062d\u062f\u062b \u0627\u0644\u0647\u062c\u0645\u0627\u062a. 
\u064a\u0645\u0643\u0646\u0643 \u0632\u064a\u0627\u0631\u0629 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0627\u0644\u0631\u0633\u0645\u064a \u0639\u0628\u0631 <a href=\"https:\/\/coreruleset.org\/\" target=\"_blank\" rel=\"noopener\">coreruleset.org<\/a> \u0644\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 \u0622\u062e\u0631 \u0625\u0635\u062f\u0627\u0631 \u0648\u0648\u062b\u0627\u0626\u0642 \u0627\u0644\u062a\u0643\u0648\u064a\u0646.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u062a\u0646\u0632\u064a\u0644 \u0648\u062a\u0641\u0639\u064a\u0644 CRS \u0623\u062d\u062f\u062b \u0625\u0635\u062f\u0627\u0631<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u062a\u0646\u0632\u064a\u0644 \u0622\u062e\u0631 \u0625\u0635\u062f\u0627\u0631 \u0645\u0646 CRS\ncd \/etc\/modsecurity\/\nsudo git clone --depth 1 -b v4.0\/master \\\n    https:\/\/github.com\/coreruleset\/coreruleset.git crs\n\n# \u0646\u0633\u062e \u0645\u0644\u0641 \u0627\u0644\u0625\u0639\u062f\u0627\u062f \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a\ncd crs\nsudo cp crs-setup.conf.example crs-setup.conf\n\n# \u0641\u064a Apache: \u062a\u0641\u0639\u064a\u0644 \u0627\u0644\u0640 Includes \u0641\u064a security2.conf\nsudo nano \/etc\/apache2\/mods-enabled\/security2.conf\n# \u0623\u0636\u0641:\nIncludeOptional \/etc\/modsecurity\/crs\/crs-setup.conf\nIncludeOptional \/etc\/modsecurity\/crs\/rules\/*.conf\n\n# \u0625\u0639\u0627\u062f\u0629 \u062a\u0634\u063a\u064a\u0644 Apache\nsudo systemctl restart apache2<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">\u0641\u0647\u0645 Paranoia Levels \u0641\u064a CRS<\/h3>\n\n\n\n<p>\u062a\u0633\u062a\u062e\u062f\u0645 CRS \u0645\u0641\u0647\u0648\u0645 \u0645\u0633\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0628\u0627\u0631\u0627\u0646\u0648\u064a\u0627 (Paranoia Levels) \u0644\u062a\u062d\u062f\u064a\u062f \u0635\u0631\u0627\u0645\u0629 \u0627\u0644\u0641\u062d\u0635\u060c \u062d\u064a\u062b \u062a\u062a\u0631\u0627\u0648\u062d \u0645\u0646 
\u0627\u0644\u0645\u0633\u062a\u0648\u0649 1 (\u0627\u0644\u0623\u0642\u0644 \u0635\u0631\u0627\u0645\u0629) \u0625\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u0648\u0649 4 (\u0627\u0644\u0623\u0643\u062b\u0631 \u0635\u0631\u0627\u0645\u0629). \u0643\u0644 \u0645\u0633\u062a\u0648\u0649 \u064a\u0636\u064a\u0641 \u0642\u0648\u0627\u0639\u062f \u0625\u0636\u0627\u0641\u064a\u0629 \u0623\u0643\u062b\u0631 \u062f\u0642\u0629 \u0648\u0644\u0643\u0646\u0647 \u064a\u0632\u064a\u062f \u0627\u062d\u062a\u0645\u0627\u0644\u064a\u0629 \u0638\u0647\u0648\u0631 \u0625\u064a\u062c\u0627\u0628\u064a\u0627\u062a \u0643\u0627\u0630\u0628\u0629 (False Positives). \u0644\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0639\u0627\u0645\u0629 \u0639\u0627\u062f\u0629\u064b \u064a\u0643\u0641\u064a \u0627\u0644\u0645\u0633\u062a\u0648\u0649 1\u060c \u0623\u0645\u0627 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u062d\u0633\u0627\u0633\u0629 \u0643\u0627\u0644\u0628\u0646\u0648\u0643 \u0648\u0628\u0648\u0627\u0628\u0627\u062a \u0627\u0644\u062f\u0641\u0639 \u0641\u062a\u062d\u062a\u0627\u062c \u0627\u0644\u0645\u0633\u062a\u0648\u0649 3 \u0623\u0648 4.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Paranoia Level 1:<\/strong> \u064a\u062d\u062c\u0628 95% \u0645\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0634\u0627\u0626\u0639\u0629 \u0628\u0623\u0642\u0644 False Positives\u060c \u0645\u0646\u0627\u0633\u0628 \u0644\u0645\u0639\u0638\u0645 \u0627\u0644\u0645\u0648\u0627\u0642\u0639.<\/li>\n\n\n\n<li><strong>Paranoia Level 2:<\/strong> \u0641\u062d\u0635 \u0623\u0639\u0645\u0642 \u0644\u0644\u0645\u0639\u0627\u0645\u0644\u0627\u062a \u0648\u0627\u0644\u062a\u0631\u0648\u064a\u0633\u0627\u062a\u060c \u0645\u0646\u0627\u0633\u0628 \u0644\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0645\u0627\u0644\u064a\u0629 \u0627\u0644\u0645\u062a\u0648\u0633\u0637\u0629.<\/li>\n\n\n\n<li><strong>Paranoia Level 3:<\/strong> \u0635\u0627\u0631\u0645 
\u062c\u062f\u0627\u064b \u0648\u064a\u062a\u0637\u0644\u0628 \u062a\u062e\u0635\u064a\u0635\u0627\u064b \u0648\u0627\u0633\u0639\u0627\u064b\u060c \u0645\u0646\u0627\u0633\u0628 \u0644\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u062d\u0643\u0648\u0645\u064a\u0629.<\/li>\n\n\n\n<li><strong>Paranoia Level 4:<\/strong> \u0623\u0642\u0635\u0649 \u0645\u0633\u062a\u0648\u0649 \u0623\u0645\u0627\u0646\u060c \u064a\u062a\u0637\u0644\u0628 \u0641\u0631\u064a\u0642 \u0623\u0645\u0627\u0646 \u0645\u062a\u062e\u0635\u0635 \u0644\u0625\u062f\u0627\u0631\u062a\u0647.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-7\">\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a SQL Injection<\/h2>\n\n\n\n<p>\u0647\u062c\u0645\u0627\u062a SQL Injection \u062a\u0638\u0644 \u0645\u0646 \u0623\u062e\u0637\u0631 \u0627\u0644\u062a\u0647\u062f\u064a\u062f\u0627\u062a \u0639\u0644\u0649 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u062f\u064a\u0646\u0627\u0645\u064a\u0643\u064a\u0629 \u0631\u063a\u0645 \u0645\u0631\u0648\u0631 \u0623\u0643\u062b\u0631 \u0645\u0646 \u0639\u0634\u0631\u064a\u0646 \u0639\u0627\u0645\u0627\u064b \u0639\u0644\u0649 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627\u060c \u0648\u0647\u064a \u062a\u062d\u062a\u0644 \u0627\u0644\u0645\u0631\u062a\u0628\u0629 \u0627\u0644\u062b\u0627\u0644\u062b\u0629 \u0641\u064a \u0642\u0627\u0626\u0645\u0629 OWASP Top 10 \u0644\u0639\u0627\u0645 2026. 
\u0634\u0631\u062d ModSecurity \u0644\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u0630\u0647 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u064a\u0648\u0636\u062d \u0643\u064a\u0641 \u062a\u0639\u0645\u0644 \u0642\u0648\u0627\u0639\u062f CRS \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u0623\u0646\u0645\u0627\u0637 SQL \u062f\u0627\u062e\u0644 \u0645\u0639\u0627\u0645\u0644\u0627\u062a \u0627\u0644\u0637\u0644\u0628\u060c \u0648\u0643\u064a\u0641 \u062a\u062d\u062c\u0628 \u0623\u064a \u0645\u062d\u0627\u0648\u0644\u0629 \u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645\u0627\u062a \u0642\u0628\u0644 \u0648\u0635\u0648\u0644\u0647\u0627 \u0644\u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0646\u0648\u0627\u0639 SQL Injection \u0627\u0644\u062a\u064a \u064a\u062d\u062c\u0628\u0647\u0627 ModSecurity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Classic Injection:<\/strong> \u062d\u0642\u0646 \u0645\u0628\u0627\u0634\u0631 \u0645\u062b\u0644 OR 1=1 \u0648 UNION SELECT.<\/li>\n\n\n\n<li><strong>Blind SQL Injection:<\/strong> \u0627\u0644\u0627\u0633\u062a\u0641\u0633\u0627\u0631 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u0634\u0631\u0648\u0637 \u0627\u0644\u0645\u0646\u0637\u0642\u064a\u0629 \u0648\u0642\u064a\u0627\u0633 \u0648\u0642\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629.<\/li>\n\n\n\n<li><strong>Time-based Injection:<\/strong> \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u062f\u0648\u0627\u0644 \u0645\u062b\u0644 SLEEP() \u0644\u062a\u0623\u062e\u064a\u0631 \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629.<\/li>\n\n\n\n<li><strong>Out-of-Band Injection:<\/strong> \u062a\u0646\u0641\u064a\u0630 \u0627\u0633\u062a\u0639\u0644\u0627\u0645\u0627\u062a DNS 
\u0623\u0648 HTTP \u0644\u0633\u062d\u0628 \u0628\u064a\u0627\u0646\u0627\u062a.<\/li>\n\n\n\n<li><strong>Second-order Injection:<\/strong> \u062d\u0642\u0646 \u064a\u062e\u0632\u064e\u0651\u0646 \u0641\u064a \u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u062b\u0645 \u064a\u064f\u0633\u062a\u062e\u062f\u0645 \u0644\u0627\u062d\u0642\u0627\u064b.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u0645\u062b\u0627\u0644 \u0639\u0645\u0644\u064a: \u0642\u0627\u0639\u062f\u0629 \u0644\u062d\u062c\u0628 SQL Injection<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0642\u0627\u0639\u062f\u0629 \u0645\u062e\u0635\u0635\u0629 \u0644\u0645\u0646\u0639 \u0643\u0644\u0645\u0627\u062a \u0645\u0641\u062a\u0627\u062d\u064a\u0629 \u0634\u0627\u0626\u0639\u0629 \u0641\u064a SQL Injection\nSecRule ARGS \"@detectSQLi\" \\\n    \"id:1000001,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    log,\\\n    msg:'SQL Injection Detected by Custom Rule',\\\n    severity:CRITICAL,\\\n    tag:'application-multi',\\\n    tag:'OWASP_CRS\/WEB_ATTACK\/SQLI'\"\n\n# \u0642\u0627\u0639\u062f\u0629 \u0644\u062d\u062c\u0628 UNION SELECT\nSecRule ARGS \"@rx (?i)(union\\s+select|union\\s+all\\s+select)\" \\\n    \"id:1000002,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    msg:'UNION SELECT Attack Blocked'\"<\/code><\/pre>\n\n\n\n<p>\u0627\u0644\u0645\u064f\u0634\u063a\u0651\u0644 @detectSQLi \u0647\u0648 \u0645\u062d\u0631\u0643 \u0630\u0643\u064a \u0645\u062f\u0645\u062c \u0641\u064a ModSecurity v3 \u064a\u0633\u062a\u062e\u062f\u0645 \u0645\u0643\u062a\u0628\u0629 libinjection \u0627\u0644\u0645\u062e\u0635\u0635\u0629 \u0644\u0627\u0643\u062a\u0634\u0627\u0641 SQL Injection \u0628\u062f\u0642\u0629 \u0639\u0627\u0644\u064a\u0629 \u0648\u0645\u0639\u062f\u0644 False Positives \u0645\u0646\u062e\u0641\u0636 \u062c\u062f\u0627\u064b\u060c \u0648\u0647\u0648 \u064a\u062a\u0641\u0648\u0642 \u0639\u0644\u0649 \u0627\u0644\u0623\u0646\u0645\u0627\u0637 
\u0627\u0644\u062a\u0642\u0644\u064a\u062f\u064a\u0629 \u0627\u0644\u0642\u0627\u0626\u0645\u0629 \u0639\u0644\u0649 \u0627\u0644\u062a\u0639\u0628\u064a\u0631 \u0627\u0644\u0645\u0646\u062a\u0638\u0645 \u0644\u0623\u0646\u0647 \u064a\u062d\u0644\u0644 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u0646\u062d\u0648\u064a\u0629 \u0627\u0644\u0641\u0639\u0644\u064a\u0629 \u0644\u0644\u0646\u0635.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-8\">\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a XSS (Cross-Site Scripting)<\/h2>\n\n\n\n<p>\u0647\u062c\u0645\u0627\u062a Cross-Site Scripting \u0623\u0648 XSS \u062a\u0623\u062a\u064a \u0641\u064a \u0627\u0644\u0645\u0631\u062a\u0628\u0629 \u0627\u0644\u062b\u0627\u0646\u064a\u0629 \u0628\u0639\u062f SQL Injection \u0645\u0646 \u062d\u064a\u062b \u0627\u0644\u0627\u0646\u062a\u0634\u0627\u0631\u060c \u0648\u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0628\u062d\u0642\u0646 \u0633\u0643\u0631\u0628\u062a\u0627\u062a JavaScript \u062e\u0628\u064a\u062b\u0629 \u062f\u0627\u062e\u0644 \u0635\u0641\u062d\u0627\u062a \u0627\u0644\u0645\u0648\u0642\u0639 \u0644\u0633\u0631\u0642\u0629 \u0627\u0644\u0643\u0648\u0643\u064a\u0632 \u0623\u0648 \u0625\u0639\u0627\u062f\u0629 \u062a\u0648\u062c\u064a\u0647 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0644\u0645\u0648\u0627\u0642\u0639 \u062a\u0635\u064a\u062f. 
\u0634\u0631\u062d ModSecurity \u0644\u0643\u064a\u0641\u064a\u0629 \u0635\u062f XSS \u0645\u0647\u0645 \u062c\u062f\u0627\u064b \u0644\u0623\u0646 \u0642\u0648\u0627\u0639\u062f CRS \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0647\u0630\u0627 \u0627\u0644\u0646\u0648\u0639 \u0645\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0645\u0639\u0642\u062f\u0629 \u0648\u062a\u062d\u062a\u0627\u062c \u0641\u0647\u0645\u0627\u064b \u062f\u0642\u064a\u0642\u0627\u064b \u0644\u062a\u062c\u0646\u0628 \u0625\u064a\u062c\u0627\u0628\u064a\u0627\u062a \u0643\u0627\u0630\u0628\u0629 \u0641\u064a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u062a\u064a \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0628\u0643\u062a\u0627\u0628\u0629 \u0645\u062d\u062a\u0648\u0649 HTML.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0646\u0648\u0627\u0639 \u0647\u062c\u0645\u0627\u062a XSS \u0627\u0644\u062b\u0644\u0627\u062b\u0629<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Reflected XSS:<\/strong> \u064a\u062d\u0642\u0646 \u0627\u0644\u0633\u0643\u0631\u0628\u062a \u0641\u064a URL \u0648\u064a\u0639\u0643\u0633\u0647 \u0627\u0644\u0633\u064a\u0631\u0641\u0631 \u0641\u0648\u0631\u0627\u064b \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645.<\/li>\n\n\n\n<li><strong>Stored XSS:<\/strong> \u064a\u062e\u0632\u064e\u0651\u0646 \u0627\u0644\u0633\u0643\u0631\u0628\u062a \u0641\u064a \u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648\u064a\u064f\u0639\u0631\u0636 \u0644\u0627\u062d\u0642\u0627\u064b \u0644\u0643\u0644 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646.<\/li>\n\n\n\n<li><strong>DOM-based XSS:<\/strong> \u064a\u0646\u0641\u064e\u0651\u0630 \u0641\u064a \u0627\u0644\u0645\u062a\u0635\u0641\u062d \u0641\u0642\u0637 \u062f\u0648\u0646 \u0645\u0631\u0648\u0631 \u0628\u0627\u0644\u0633\u064a\u0631\u0641\u0631.<\/li>\n<\/ul>\n\n\n\n<h3 
class=\"wp-block-heading\">\u0645\u062b\u0627\u0644 \u0639\u0644\u0649 \u0642\u0627\u0639\u062f\u0629 XSS \u0645\u062e\u0635\u0635\u0629<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0642\u0627\u0639\u062f\u0629 \u0644\u0627\u0643\u062a\u0634\u0627\u0641 XSS \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 libinjection\nSecRule ARGS|REQUEST_HEADERS|REQUEST_COOKIES \"@detectXSS\" \\\n    \"id:1000010,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    log,\\\n    msg:'XSS Attack Detected',\\\n    severity:CRITICAL,\\\n    tag:'OWASP_CRS\/WEB_ATTACK\/XSS'\"\n\n# \u0642\u0627\u0639\u062f\u0629 \u0625\u0636\u0627\u0641\u064a\u0629 \u0644\u062d\u062c\u0628 \u0627\u0644\u0623\u0646\u0645\u0627\u0637 \u0627\u0644\u0645\u0634\u0628\u0648\u0647\u0629\nSecRule ARGS \"@rx (?i)(&lt;script|javascript:|onerror=|onload=)\" \\\n    \"id:1000011,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    msg:'Suspicious XSS Pattern'\"<\/code><\/pre>\n\n\n\n<p>\u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0623\u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u062d\u0645\u0627\u064a\u0629 \u0636\u062f XSS\u060c \u064a\u064f\u0646\u0635\u062d \u0628\u062f\u0645\u062c ModSecurity \u0645\u0639 \u0631\u0624\u0648\u0633 HTTP \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0645\u062b\u0644 Content-Security-Policy \u0648 X-XSS-Protection \u0648 X-Content-Type-Options. 
\u0647\u0630\u0647 \u0627\u0644\u0631\u0624\u0648\u0633 \u062a\u064f\u0636\u064a\u0641 \u0637\u0628\u0642\u0629 \u062d\u0645\u0627\u064a\u0629 \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0645\u062a\u0635\u0641\u062d \u0648\u062a\u0645\u0646\u0639 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u0633\u0643\u0631\u0628\u062a\u0627\u062a \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u062d\u062a\u0649 \u0644\u0648 \u0646\u062c\u062d\u062a \u0628\u0627\u0644\u0639\u0628\u0648\u0631 \u0645\u0646 ModSecurity\u060c \u0639\u0644\u0645\u0627\u064b \u0628\u0623\u0646 Content-Security-Policy \u0647\u0648 \u0627\u0644\u0623\u0633\u0627\u0633 \u0647\u0646\u0627\u060c \u0623\u0645\u0627 X-XSS-Protection \u0641\u0647\u0648 \u0631\u0623\u0633 \u0642\u062f\u064a\u0645 \u0644\u0645 \u062a\u0639\u062f \u0627\u0644\u0645\u062a\u0635\u0641\u062d\u0627\u062a \u0627\u0644\u062d\u062f\u064a\u062b\u0629 \u062a\u0639\u062a\u0645\u062f \u0639\u0644\u064a\u0647.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-9\">\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0647\u062c\u0645\u0627\u062a RFI \u0648 LFI<\/h2>\n\n\n\n<p>\u0647\u062c\u0645\u0627\u062a Remote File Inclusion (RFI) \u0648 Local File Inclusion (LFI) \u062a\u0633\u062a\u0647\u062f\u0641 \u0628\u0634\u0643\u0644 \u0623\u0633\u0627\u0633\u064a \u062a\u0637\u0628\u064a\u0642\u0627\u062a PHP \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 \u062f\u0648\u0627\u0644 include \u0648 require \u0628\u0634\u0643\u0644 \u063a\u064a\u0631 \u0622\u0645\u0646\u060c \u062d\u064a\u062b \u064a\u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0646 \u062c\u0639\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u064a\u062d\u0645\u0651\u0644 \u0645\u0644\u0641\u0627\u062a \u0645\u0646 \u0627\u0644\u0633\u064a\u0631\u0641\u0631 \u0646\u0641\u0633\u0647 \u0623\u0648 \u0645\u0646 \u0633\u064a\u0631\u0641\u0631 \u0628\u0639\u064a\u062f \u0644\u062a\u0646\u0641\u064a\u0630 \u0643\u0648\u062f \u062e\u0628\u064a\u062b. 
ModSecurity \u064a\u062d\u062c\u0628 \u0647\u0630\u0647 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0628\u0641\u062d\u0635 \u0645\u062d\u0627\u0648\u0644\u0627\u062a \u0627\u0644\u0648\u0635\u0648\u0644 \u0644\u0645\u0644\u0641\u0627\u062a \u062d\u0633\u0627\u0633\u0629 \u0645\u062b\u0644 \/etc\/passwd \u0623\u0648 \u0645\u062d\u0627\u0648\u0644\u0627\u062a \u062a\u0636\u0645\u064a\u0646 \u0631\u0648\u0627\u0628\u0637 HTTP \u062e\u0627\u0631\u062c\u064a\u0629 \u0641\u064a \u0645\u0639\u0627\u0645\u0644\u0627\u062a \u0627\u0644\u0637\u0644\u0628.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0646\u0645\u0627\u0637 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0634\u0627\u0626\u0639\u0629<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>..\/..\/etc\/passwd:<\/strong> \u0645\u062d\u0627\u0648\u0644\u0629 \u0642\u0631\u0627\u0621\u0629 \u0645\u0644\u0641 \u0643\u0644\u0645\u0627\u062a \u0645\u0631\u0648\u0631 \u0627\u0644\u0646\u0638\u0627\u0645.<\/li>\n\n\n\n<li><strong>php:\/\/filter:<\/strong> \u0627\u0633\u062a\u062e\u062f\u0627\u0645 wrapper PHP \u0644\u0642\u0631\u0627\u0621\u0629 \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0645\u0635\u062f\u0631.<\/li>\n\n\n\n<li><strong>http:\/\/evil.com\/shell.txt:<\/strong> \u062a\u0636\u0645\u064a\u0646 \u0645\u0644\u0641 \u0645\u0646 \u0633\u064a\u0631\u0641\u0631 \u0628\u0639\u064a\u062f.<\/li>\n\n\n\n<li><strong>data:\/\/ \u0648 expect:\/\/:<\/strong> wrappers PHP \u0644\u062a\u0646\u0641\u064a\u0630 \u0643\u0648\u062f \u0645\u0628\u0627\u0634\u0631.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u0642\u0627\u0639\u062f\u0629 \u0644\u0645\u0646\u0639 LFI<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>SecRule ARGS \"@rx (?i)(\\.\\.\/|\\.\\.\\\\|\/etc\/passwd|\/proc\/self|\/var\/log)\" \\\n    \"id:1000020,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    log,\\\n    msg:'LFI Attack Detected',\\\n    severity:CRITICAL\"\n\n# \u0645\u0646\u0639 RFI\nSecRule ARGS \"@rx 
(?i)(https?:|ftps?:|php:|data:|expect:)\" \\\n    \"id:1000021,\\\n    phase:2,\\\n    deny,\\\n    status:403,\\\n    log,\\\n    msg:'RFI Attack Detected'\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-10\">\u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f ModSecurity \u0645\u062e\u0635\u0635\u0629<\/h2>\n\n\n\n<p>\u0627\u0644\u0642\u062f\u0631\u0629 \u0639\u0644\u0649 \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f \u0645\u062e\u0635\u0635\u0629 \u0647\u064a \u0645\u0627 \u064a\u062c\u0639\u0644 ModSecurity \u0623\u062f\u0627\u0629 \u0642\u0648\u064a\u0629 \u062d\u0642\u0627\u064b\u060c \u0641\u0628\u062f\u0644\u0627\u064b \u0645\u0646 \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u0639\u0644\u0649 \u0642\u0648\u0627\u0639\u062f CRS \u0627\u0644\u0639\u0627\u0645\u0629\u060c \u064a\u0645\u0643\u0646\u0643 \u062a\u0635\u0645\u064a\u0645 \u0642\u0648\u0627\u0639\u062f \u062f\u0642\u064a\u0642\u0629 \u062a\u0646\u0627\u0633\u0628 \u0637\u0628\u064a\u0639\u0629 \u0645\u0648\u0642\u0639\u0643. \u0634\u0631\u062d ModSecurity \u0644\u0643\u062a\u0627\u0628\u0629 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u064a\u0628\u062f\u0623 \u0628\u0641\u0647\u0645 \u0628\u0646\u064a\u0629 SecRule \u0627\u0644\u0623\u0633\u0627\u0633\u064a\u0629: \u0627\u0644\u0645\u0635\u062f\u0631 (Variable)\u060c \u0627\u0644\u0645\u064f\u0634\u063a\u0651\u0644 (Operator)\u060c \u0627\u0644\u0625\u062c\u0631\u0627\u0621 (Action). 
\u0643\u0644 \u0642\u0627\u0639\u062f\u0629 \u0644\u0647\u0627 \u0645\u0639\u0631\u0651\u0641 \u0641\u0631\u064a\u062f (id) \u064a\u062c\u0628 \u0623\u0646 \u064a\u0643\u0648\u0646 \u0623\u0643\u0628\u0631 \u0645\u0646 1000000 \u0644\u062a\u062c\u0646\u0628 \u0627\u0644\u062a\u0639\u0627\u0631\u0636 \u0645\u0639 \u0642\u0648\u0627\u0639\u062f CRS.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u0645\u062a\u063a\u064a\u0631\u0627\u062a (Variables) \u0627\u0644\u0623\u0643\u062b\u0631 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0627\u064b<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>ARGS:<\/strong> \u0643\u0644 \u0645\u0639\u0627\u0645\u0644\u0627\u062a GET \u0648 POST.<\/li>\n\n\n\n<li><strong>ARGS_NAMES:<\/strong> \u0623\u0633\u0645\u0627\u0621 \u0627\u0644\u0645\u0639\u0627\u0645\u0644\u0627\u062a \u0641\u0642\u0637.<\/li>\n\n\n\n<li><strong>REQUEST_HEADERS:<\/strong> \u062a\u0631\u0648\u064a\u0633\u0627\u062a \u0627\u0644\u0637\u0644\u0628.<\/li>\n\n\n\n<li><strong>REQUEST_URI:<\/strong> \u0627\u0644\u0645\u0633\u0627\u0631 \u0627\u0644\u0643\u0627\u0645\u0644 \u0628\u0645\u0627 \u0641\u064a\u0647 query string.<\/li>\n\n\n\n<li><strong>REQUEST_METHOD:<\/strong> \u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u0637\u0644\u0628 (GET\u060c POST\u060c PUT\u060c \u0625\u0644\u062e).<\/li>\n\n\n\n<li><strong>REMOTE_ADDR:<\/strong> \u0639\u0646\u0648\u0627\u0646 IP \u0644\u0644\u0632\u0627\u0626\u0631.<\/li>\n\n\n\n<li><strong>FILES_NAMES:<\/strong> \u0623\u0633\u0645\u0627\u0621 \u0627\u0644\u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0645\u0631\u0641\u0648\u0639\u0629.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0645\u062b\u0644\u0629 \u0639\u0645\u0644\u064a\u0629 \u0644\u0642\u0648\u0627\u0639\u062f \u0645\u062e\u0635\u0635\u0629<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0645\u0646\u0639 \u0648\u0635\u0648\u0644 \u062f\u0648\u0644 \u0645\u0639\u064a\u0646\u0629 (\u0645\u062b\u0644\u0627\u064b \u062c\u0645\u064a\u0639 
\u0627\u0644\u062f\u0648\u0644 \u0645\u0627 \u0639\u062f\u0627 \u0627\u0644\u0639\u0631\u0627\u0642)\nSecGeoLookupDB \/etc\/modsecurity\/GeoLite2-Country.mmdb\nSecRule REMOTE_ADDR \"@geoLookup\" \\\n    \"id:1000100,phase:1,nolog,pass\"\nSecRule GEO:COUNTRY_CODE \"!@streq IQ\" \\\n    \"id:1000101,phase:1,deny,status:403,\\\n    msg:'Country Not Allowed'\"\n\n# \u062a\u062d\u062f\u064a\u062f \u0645\u0639\u062f\u0644 \u0627\u0644\u0637\u0644\u0628\u0627\u062a (Rate Limiting)\nSecAction \"id:1000200,phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR}\"\nSecRule REQUEST_URI \"@beginsWith \/wp-login.php\" \\\n    \"id:1000201,phase:2,nolog,pass,setvar:ip.attempts=+1,\\\n    expirevar:ip.attempts=300\"\nSecRule IP:ATTEMPTS \"@gt 10\" \\\n    \"id:1000202,phase:2,deny,status:429,\\\n    msg:'Too Many Login Attempts'\"\n\n# \u0645\u0646\u0639 \u0631\u0641\u0639 \u0645\u0644\u0641\u0627\u062a \u0628\u0627\u0645\u062a\u062f\u0627\u062f\u0627\u062a \u062e\u0637\u064a\u0631\u0629\nSecRule FILES_NAMES \"@rx (?i)\\.(php|phtml|pl|py|jsp|asp|sh|cgi)$\" \\\n    \"id:1000300,phase:2,deny,status:403,\\\n    msg:'Dangerous File Upload Attempt'\"<\/code><\/pre>\n\n\n\n<div style=\"border-right:4px solid #7c3aed;background:#f5f3ff;padding:1.5rem;border-radius:0 12px 12px 0;margin:2rem 0\">\n<p style=\"margin:0 0 .5rem;font-weight:700;color:#4f46e5\">\u0642\u0648\u0627\u0639\u062f \u062c\u0627\u0647\u0632\u0629 \u0644\u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633 \u0648 WHMCS<\/p>\n<p style=\"margin:0;color:#374151\">\u062d\u0645\u0627\u064a\u0629 ModSecurity \u0645\u062f\u0645\u062c\u0629 \u0641\u064a \u0643\u0644 \u062e\u0637\u0637 \u0645\u0631\u0627\u0645 \u0647\u0648\u0633\u062a \u0645\u0639 \u0642\u0648\u0627\u0639\u062f \u062c\u0627\u0647\u0632\u0629 \u0645\u064f\u062e\u062a\u0628\u0631\u0629 \u0644\u0645\u0646\u0635\u0627\u062a \u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633 \u0648 WHMCS \u0648 Magento. 
<a href=\"https:\/\/maram.iq\" target=\"_blank\" rel=\"noopener\" style=\"color:#4f46e5;font-weight:600\">\u0627\u0628\u062f\u0623 \u0645\u0646 \u0647\u0646\u0627<\/a>.<\/p>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-11\">\u062a\u062d\u0644\u064a\u0644 \u0633\u062c\u0644\u0627\u062a ModSecurity \u0648\u0641\u0647\u0645\u0647\u0627<\/h2>\n\n\n\n<p>\u0633\u062c\u0644\u0627\u062a ModSecurity \u0647\u064a \u0643\u0646\u0632 \u0645\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u064a\u062c\u0628 \u0639\u0644\u0649 \u0643\u0644 \u0645\u062f\u064a\u0631 \u0633\u064a\u0631\u0641\u0631 \u0641\u0647\u0645\u0647\u0627 \u0648\u0627\u0633\u062a\u062b\u0645\u0627\u0631\u0647\u0627. \u064a\u0643\u062a\u0628 ModSecurity \u062b\u0644\u0627\u062b\u0629 \u0623\u0646\u0648\u0627\u0639 \u0645\u0646 \u0627\u0644\u0633\u062c\u0644\u0627\u062a: Audit Log \u0627\u0644\u0630\u064a \u064a\u062d\u062a\u0648\u064a \u062a\u0641\u0627\u0635\u064a\u0644 \u0643\u0627\u0645\u0644\u0629 \u0639\u0646 \u0627\u0644\u0637\u0644\u0628\u0627\u062a \u0627\u0644\u0645\u062d\u062c\u0648\u0628\u0629\u060c Debug Log \u0644\u0644\u062a\u0634\u062e\u064a\u0635\u060c \u0648\u0633\u062c\u0644\u0627\u062a \u0627\u0644\u0623\u062e\u0637\u0627\u0621 \u0627\u0644\u0639\u0627\u062f\u064a\u0629 \u0644\u062e\u0627\u062f\u0645 \u0627\u0644\u0648\u064a\u0628. 
\u0627\u0644\u0645\u0648\u0642\u0639 \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a \u0644\u0640 Audit Log \u0641\u064a Apache \u0647\u0648 \/var\/log\/apache2\/modsec_audit.log \u0623\u0645\u0627 \u0641\u064a Nginx \u0641\u064a\u062a\u0645 \u062a\u062d\u062f\u064a\u062f\u0647 \u064a\u062f\u0648\u064a\u0627\u064b \u0641\u064a \u0645\u0644\u0641 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0628\u0646\u064a\u0629 Audit Log<\/h3>\n\n\n\n<p>\u0643\u0644 \u062d\u062f\u062b \u0641\u064a Audit Log \u064a\u064f\u0642\u0633\u0645 \u0625\u0644\u0649 \u0623\u0642\u0633\u0627\u0645 \u062a\u0628\u062f\u0623 \u0628\u062d\u0631\u0641 \u0645\u0639\u064a\u0646 \u0628\u0639\u062f \u0627\u0644\u0639\u0644\u0627\u0645\u0629 --xxx-A-- \u0645\u062b\u0644 A \u0644\u0644\u062a\u0631\u0648\u064a\u0633\u0629\u060c B \u0644\u062a\u0631\u0648\u064a\u0633\u0627\u062a \u0627\u0644\u0637\u0644\u0628\u060c C \u0644\u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0637\u0644\u0628\u060c F \u0644\u062a\u0631\u0648\u064a\u0633\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629\u060c H \u0644\u062e\u0627\u062a\u0645\u0629 \u0627\u0644\u062d\u062f\u062b \u0627\u0644\u062a\u064a \u062a\u062d\u0648\u064a \u0631\u0633\u0627\u0626\u0644 Message \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0645\u0637\u0627\u0628\u0642\u0629 (\u0643\u0645\u0627 \u0641\u064a \u0627\u0644\u0645\u062b\u0627\u0644 \u0623\u062f\u0646\u0627\u0647)\u060c K \u0644\u0644\u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0645\u0637\u0627\u0628\u0642\u0629\u060c Z \u0644\u0644\u0646\u0647\u0627\u064a\u0629. 
\u0647\u0630\u0627 \u0627\u0644\u062a\u0642\u0633\u064a\u0645 \u064a\u062c\u0639\u0644 \u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0633\u062c\u0644\u0627\u062a \u0623\u0633\u0647\u0644 \u0633\u0648\u0627\u0621 \u064a\u062f\u0648\u064a\u0627\u064b \u0623\u0648 \u0639\u0628\u0631 \u0623\u062f\u0648\u0627\u062a \u0645\u062b\u0644 ELK Stack \u0648 Splunk.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0645\u062b\u0627\u0644 \u0639\u0644\u0649 \u0625\u062f\u062e\u0627\u0644 Audit Log\n--abcd1234-A--\n&#91;27\/Apr\/2026:10:23:45 +0300] aBcDeFgH 192.168.1.100 54321 ...\n\n--abcd1234-B--\nGET \/index.php?id=1' UNION SELECT user,password FROM users-- HTTP\/1.1\nHost: example.com\nUser-Agent: sqlmap\/1.7\n\n--abcd1234-H--\nMessage: Access denied with code 403 (phase 2).\nMatched \"Operator detectSQLi against ARGS:id\"\n&#91;file \"\/etc\/modsecurity\/crs\/rules\/REQUEST-942.conf\"]\n&#91;id \"942100\"] &#91;msg \"SQL Injection Attack Detected via libinjection\"]\n\n# \u0623\u0648\u0627\u0645\u0631 \u0645\u0641\u064a\u062f\u0629 \u0644\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0633\u062c\u0644\n# \u0639\u062f \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u062d\u0633\u0628 IP\ngrep \"Access denied\" \/var\/log\/apache2\/modsec_audit.log | \\\n    awk '{print $4}' | sort | uniq -c | sort -rn | head -20\n\n# \u0623\u0643\u062b\u0631 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0625\u0637\u0644\u0627\u0642\u0627\u064b\ngrep \"id \\\"\" \/var\/log\/apache2\/modsec_audit.log | \\\n    grep -oP 'id \"\\d+\"' | sort | uniq -c | sort -rn<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-12\">\u062a\u062d\u0633\u064a\u0646 \u0623\u062f\u0627\u0621 ModSecurity \u0648\u062a\u0642\u0644\u064a\u0644 False Positives<\/h2>\n\n\n\n<p>\u0623\u062d\u062f \u0623\u0643\u0628\u0631 \u0627\u0644\u062a\u062d\u062f\u064a\u0627\u062a \u0639\u0646\u062f \u062a\u0634\u063a\u064a\u0644 ModSecurity \u0639\u0644\u0649 \u0628\u064a\u0626\u0629 \u0625\u0646\u062a\u0627\u062c\u064a\u0629 
\u0647\u0648 \u0625\u062f\u0627\u0631\u0629 False Positives\u060c \u0623\u064a \u0627\u0644\u062d\u0627\u0644\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u062d\u062c\u0628 \u0641\u064a\u0647\u0627 \u0642\u0627\u0639\u062f\u0629 \u0637\u0644\u0628\u0627\u064b \u0645\u0634\u0631\u0648\u0639\u0627\u064b \u0639\u0646 \u0637\u0631\u064a\u0642 \u0627\u0644\u062e\u0637\u0623. \u0647\u0630\u0647 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0634\u0627\u0626\u0639\u0629 \u062c\u062f\u0627\u064b \u0641\u064a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u062a\u064a \u062a\u062a\u0639\u0627\u0645\u0644 \u0645\u0639 \u0645\u062d\u062a\u0648\u0649 \u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0645\u062b\u0644 \u0627\u0644\u0645\u062f\u0648\u0646\u0627\u062a \u0648\u0627\u0644\u0645\u0646\u062a\u062f\u064a\u0627\u062a. \u0627\u0644\u062d\u0644 \u0627\u0644\u0635\u062d\u064a\u062d \u0644\u064a\u0633 \u062a\u0639\u0637\u064a\u0644 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0628\u0644 \u0636\u0628\u0637\u0647\u0627 \u0628\u062f\u0642\u0629 \u0639\u0628\u0631 \u0627\u0633\u062a\u062b\u0646\u0627\u0621\u0627\u062a (exclusions) \u0645\u062d\u062f\u062f\u0629.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0633\u062a\u0631\u0627\u062a\u064a\u062c\u064a\u0627\u062a \u062a\u0642\u0644\u064a\u0644 False Positives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u062a\u0634\u063a\u064a\u0644 DetectionOnly \u0644\u0645\u062f\u0629 \u0623\u0633\u0628\u0648\u0639 \u0644\u062c\u0645\u0639 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0633\u0644\u0648\u0643 \u0627\u0644\u0637\u0628\u064a\u0639\u064a.<\/li>\n\n\n\n<li>\u0627\u0633\u062a\u062e\u062f\u0627\u0645 SecRuleRemoveById \u0644\u0627\u0633\u062a\u062b\u0646\u0627\u0621 \u0642\u0648\u0627\u0639\u062f \u0645\u062d\u062f\u062f\u0629 \u0644\u0645\u0633\u0627\u0631\u0627\u062a \u0645\u0639\u064a\u0646\u0629.<\/li>\n\n\n\n<li>\u0627\u0633\u062a\u062e\u062f\u0627\u0645 SecRuleUpdateTargetById 
\u0644\u062a\u0639\u062f\u064a\u0644 \u0627\u0644\u0645\u062a\u063a\u064a\u0631\u0627\u062a \u0627\u0644\u0645\u0641\u062d\u0648\u0635\u0629.<\/li>\n\n\n\n<li>\u0631\u0641\u0639 Anomaly Threshold \u062a\u062f\u0631\u064a\u062c\u064a\u0627\u064b \u0628\u062f\u0644\u0627\u064b \u0645\u0646 \u062d\u0630\u0641 \u0627\u0644\u0642\u0648\u0627\u0639\u062f.<\/li>\n\n\n\n<li>\u0627\u0633\u062a\u062e\u062f\u0627\u0645 sec-tweaks \u0627\u0644\u062c\u0627\u0647\u0632\u0629 \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0634\u0627\u0626\u0639\u0629 \u0645\u062b\u0644 \u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u0623\u0645\u062b\u0644\u0629 \u0639\u0644\u0649 \u0627\u0633\u062a\u062b\u0646\u0627\u0621\u0627\u062a \u0634\u0627\u0626\u0639\u0629<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0627\u0633\u062a\u062b\u0646\u0627\u0621 \u0642\u0627\u0639\u062f\u0629 \u0645\u0639\u064a\u0646\u0629 \u0644\u0645\u0633\u0627\u0631 \u0645\u062d\u062f\u062f\nSecRule REQUEST_URI \"@beginsWith \/wp-admin\/admin-ajax.php\" \\\n    \"id:1001000,phase:1,nolog,pass,\\\n    ctl:ruleRemoveById=941100;ctl:ruleRemoveById=941110\"\n\n# \u0627\u0633\u062a\u062b\u0646\u0627\u0621 \u0645\u0639\u0627\u0645\u0644 \u0645\u0646 \u062c\u0645\u064a\u0639 \u0627\u0644\u0642\u0648\u0627\u0639\u062f\nSecRuleUpdateTargetByTag \"OWASP_CRS\" \"!ARGS:editor_content\"\n\n# \u0631\u0641\u0639 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0625\u0646\u0630\u0627\u0631\nSecAction \\\n    \"id:900110,phase:1,nolog,pass,t:none,\\\n    setvar:tx.inbound_anomaly_score_threshold=10\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-13\">\u0625\u062f\u0627\u0631\u0629 ModSecurity \u0645\u0646 cPanel<\/h2>\n\n\n\n<p>\u0625\u0630\u0627 \u0643\u0646\u062a \u062a\u0633\u062a\u062e\u062f\u0645 \u0627\u0633\u062a\u0636\u0627\u0641\u0629 \u0645\u0639 cPanel\/WHM \u0641\u0625\u0646 \u0625\u062f\u0627\u0631\u0629 ModSecurity \u062a\u0635\u0628\u062d 
\u0623\u0628\u0633\u0637 \u0628\u0643\u062b\u064a\u0631 \u0639\u0628\u0631 \u0627\u0644\u0648\u0627\u062c\u0647\u0629 \u0627\u0644\u0631\u0633\u0648\u0645\u064a\u0629. \u064a\u0642\u062f\u0645 WHM \u0641\u064a \u0625\u0635\u062f\u0627\u0631 2026 \u0644\u0648\u062d\u0629 \u0643\u0627\u0645\u0644\u0629 \u0644\u0625\u062f\u0627\u0631\u0629 ModSecurity \u0645\u0646 \u0642\u0633\u0645 Security Center \u062a\u062a\u064a\u062d \u0644\u0643 \u062a\u0634\u063a\u064a\u0644 \u0648\u0625\u064a\u0642\u0627\u0641 \u0627\u0644\u0642\u0648\u0627\u0639\u062f\u060c \u0639\u0631\u0636 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0645\u062d\u062c\u0648\u0628\u0629\u060c \u0625\u0636\u0627\u0641\u0629 \u0627\u0633\u062a\u062b\u0646\u0627\u0621\u0627\u062a\u060c \u0648\u062a\u0646\u0632\u064a\u0644 \u0642\u0648\u0627\u0639\u062f \u062c\u062f\u064a\u062f\u0629. \u0647\u0630\u0647 \u0627\u0644\u0648\u0627\u062c\u0647\u0629 \u0645\u062b\u0627\u0644\u064a\u0629 \u0644\u0645\u0646 \u064a\u0631\u064a\u062f \u0642\u0648\u0629 ModSecurity \u062f\u0648\u0646 \u0627\u0644\u062a\u0639\u0627\u0645\u0644 \u0645\u0639 \u0633\u0637\u0631 \u0627\u0644\u0623\u0648\u0627\u0645\u0631.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0645\u0647\u0627\u0645 \u0634\u0627\u0626\u0639\u0629 \u0645\u0646 WHM<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>ModSecurity Tools:<\/strong> \u0639\u0631\u0636 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u0623\u062e\u064a\u0631\u0629 \u0648\u0641\u0644\u062a\u0631\u062a\u0647\u0627 \u062d\u0633\u0628 \u0627\u0644\u0642\u0627\u0639\u062f\u0629 \u0623\u0648 IP.<\/li>\n\n\n\n<li><strong>ModSecurity Vendors:<\/strong> \u0625\u0636\u0627\u0641\u0629 \u0645\u0632\u0648\u062f\u064a \u0642\u0648\u0627\u0639\u062f \u0645\u062b\u0644 OWASP CRS \u0623\u0648 Comodo CWAF.<\/li>\n\n\n\n<li><strong>ModSecurity Configuration:<\/strong> \u0636\u0628\u0637 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a \u0627\u0644\u0639\u0627\u0645\u0629 \u0645\u0646 
\u0648\u0627\u062c\u0647\u0629 \u0628\u0633\u064a\u0637\u0629.<\/li>\n\n\n\n<li><strong>cPHulk Brute Force Protection:<\/strong> \u064a\u0639\u0645\u0644 \u0628\u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0645\u0639 ModSecurity.<\/li>\n<\/ul>\n\n\n\n<p>\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0646\u0647\u0627\u0626\u064a \u0641\u064a cPanel \u064a\u0633\u062a\u0637\u064a\u0639 \u0623\u064a\u0636\u0627\u064b \u0639\u0631\u0636 \u0647\u062c\u0645\u0627\u062a ModSecurity \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u062d\u0633\u0627\u0628\u0647 \u0641\u0642\u0637 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0623\u062f\u0627\u0629 ModSecurity \u062f\u0627\u062e\u0644 cPanel\u060c \u0648\u064a\u0645\u0643\u0646\u0647 \u0637\u0644\u0628 \u0631\u0641\u0639 \u0642\u0648\u0627\u0639\u062f \u0645\u0639\u064a\u0646\u0629 \u0645\u0646 \u0627\u0644\u0645\u0633\u0624\u0648\u0644 \u0625\u0630\u0627 \u0643\u0627\u0646\u062a \u062a\u0633\u0628\u0628 \u0645\u0634\u0627\u0643\u0644 \u0644\u0645\u0648\u0642\u0639\u0647. \u0647\u0630\u0627 \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0628\u064a\u0646 WHM \u0648 cPanel \u064a\u062c\u0639\u0644 \u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u0623\u0645\u0646 \u062c\u0645\u0627\u0639\u064a\u0629 \u0648\u0645\u0631\u0643\u0632\u064a\u0629 \u0645\u0639 \u0645\u0646\u062d \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0627\u0644\u0634\u0641\u0627\u0641\u064a\u0629 \u0627\u0644\u0643\u0627\u0645\u0644\u0629.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-14\">ModSecurity vs ImunifyAV vs Cloudflare WAF<\/h2>\n\n\n\n<p>\u0643\u062b\u064a\u0631 \u0645\u0646 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u064a\u062a\u0633\u0627\u0621\u0644\u0648\u0646 \u0639\u0646 \u0627\u0644\u0641\u0631\u0642 \u0628\u064a\u0646 ModSecurity \u0648\u062d\u0644\u0648\u0644 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u0623\u062e\u0631\u0649 \u0645\u062b\u0644 Imunify360 \u0648 Cloudflare WAF. 
\u0627\u0644\u062d\u0642\u064a\u0642\u0629 \u0623\u0646 \u0647\u0630\u0647 \u0627\u0644\u0623\u062f\u0648\u0627\u062a \u0644\u064a\u0633\u062a \u0628\u062f\u0627\u0626\u0644 \u0628\u0644 \u0645\u0643\u0645\u0644\u0627\u062a \u0644\u0628\u0639\u0636\u0647\u0627\u060c \u0648\u0623\u0641\u0636\u0644 \u0628\u0646\u064a\u0629 \u0623\u0645\u0646\u064a\u0629 \u062a\u062c\u0645\u0639 \u0628\u064a\u0646\u0647\u0627 \u062c\u0645\u064a\u0639\u0627\u064b \u0641\u064a \u0637\u0628\u0642\u0627\u062a \u0645\u062a\u0639\u062f\u062f\u0629 (Defense in Depth). \u0641\u0647\u0645 \u0646\u0642\u0627\u0637 \u0627\u0644\u0642\u0648\u0629 \u0644\u0643\u0644 \u062d\u0644 \u064a\u0633\u0627\u0639\u062f\u0643 \u0639\u0644\u0649 \u0628\u0646\u0627\u0621 \u0627\u0633\u062a\u0631\u0627\u062a\u064a\u062c\u064a\u0629 \u062d\u0645\u0627\u064a\u0629 \u0645\u062a\u0643\u0627\u0645\u0644\u0629.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0627\u0644\u0645\u0642\u0627\u0631\u0646\u0629 \u0627\u0644\u062c\u0648\u0647\u0631\u064a\u0629<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>ModSecurity:<\/strong> WAF \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0633\u064a\u0631\u0641\u0631\u060c \u0645\u0641\u062a\u0648\u062d \u0627\u0644\u0645\u0635\u062f\u0631\u060c \u0645\u0631\u0648\u0646\u0629 \u0639\u0627\u0644\u064a\u0629\u060c \u064a\u062d\u062a\u0627\u062c \u062e\u0628\u0631\u0629.<\/li>\n\n\n\n<li><strong>Imunify360:<\/strong> \u062d\u0644 \u062a\u062c\u0627\u0631\u064a \u0634\u0627\u0645\u0644 \u064a\u062f\u0645\u062c WAF \u0648 antivirus \u0648 patch management\u060c \u0623\u0633\u0647\u0644 \u0625\u062f\u0627\u0631\u0629.<\/li>\n\n\n\n<li><strong>Cloudflare WAF:<\/strong> \u062d\u0645\u0627\u064a\u0629 \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u0640 Edge\u060c \u064a\u062d\u062c\u0628 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0642\u0628\u0644 \u0648\u0635\u0648\u0644\u0647\u0627 \u0644\u0633\u064a\u0631\u0641\u0631\u0643 
\u0623\u0635\u0644\u0627\u064b.<\/li>\n\n\n\n<li><strong>BitNinja:<\/strong> \u0645\u0646\u0627\u0641\u0633 Imunify360 \u0628\u0645\u064a\u0632\u0627\u062a \u0645\u0645\u0627\u062b\u0644\u0629 \u0648\u0633\u0639\u0631 \u0645\u062a\u0642\u0627\u0631\u0628.<\/li>\n<\/ul>\n\n\n\n<p>\u0627\u0644\u0627\u0633\u062a\u0631\u0627\u062a\u064a\u062c\u064a\u0629 \u0627\u0644\u0645\u062b\u0627\u0644\u064a\u0629 \u062a\u062c\u0645\u0639 Cloudflare WAF \u0643\u062e\u0637 \u062f\u0641\u0627\u0639 \u0623\u0648\u0644 \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 DNS\u060c \u062b\u0645 ModSecurity \u0643\u062e\u0637 \u062b\u0627\u0646\u064d \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u062e\u0627\u062f\u0645 \u0627\u0644\u0648\u064a\u0628\u060c \u0648\u0623\u062e\u064a\u0631\u0627\u064b \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0646\u0641\u0633\u0647 \u064a\u062c\u0628 \u0623\u0646 \u064a\u0643\u062a\u0628 \u0628\u0637\u0631\u064a\u0642\u0629 \u0622\u0645\u0646\u0629 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 prepared statements \u0648\u0645\u0635\u0627\u062f\u0642\u0629 \u0642\u0648\u064a\u0629. 
\u0647\u0630\u0627 \u0627\u0644\u0646\u0645\u0648\u0630\u062c \u0627\u0644\u0645\u062a\u0639\u062f\u062f \u0627\u0644\u0637\u0628\u0642\u0627\u062a \u064a\u0636\u0645\u0646 \u0623\u0646 \u0641\u0634\u0644 \u0637\u0628\u0642\u0629 \u0648\u0627\u062d\u062f\u0629 \u0644\u0627 \u064a\u0639\u0646\u064a \u0633\u0642\u0648\u0637 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0628\u0627\u0644\u0643\u0627\u0645\u0644.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"section-15\">\u0627\u0644\u062e\u0644\u0627\u0635\u0629<\/h2>\n\n\n\n<p>\u0642\u062f\u0651\u0645\u0646\u0627 \u0641\u064a \u0647\u0630\u0627 \u0627\u0644\u062f\u0644\u064a\u0644 \u0634\u0631\u062d ModSecurity \u0628\u0634\u0643\u0644 \u0639\u0645\u0644\u064a \u0648\u0645\u062a\u0643\u0627\u0645\u0644\u060c \u0628\u062f\u0621\u0627\u064b \u0645\u0646 \u0641\u0647\u0645 \u0622\u0644\u064a\u0629 \u0639\u0645\u0644\u0647 \u0643\u062c\u062f\u0627\u0631 \u0646\u0627\u0631\u064a \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628\u060c \u0645\u0631\u0648\u0631\u0627\u064b \u0628\u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0639\u0644\u0649 Apache \u0648 Nginx\u060c \u0648\u0635\u0648\u0644\u0627\u064b \u0625\u0644\u0649 \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f \u0645\u062e\u0635\u0635\u0629 \u0648\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0633\u062c\u0644\u0627\u062a. 
\u0623\u0635\u0628\u062d \u0648\u0627\u0636\u062d\u0627\u064b \u0623\u0646 ModSecurity \u0644\u064a\u0633 \u0645\u062c\u0631\u062f \u0623\u062f\u0627\u0629 \u0625\u0636\u0627\u0641\u064a\u0629 \u0628\u0644 \u0631\u0643\u064a\u0632\u0629 \u0623\u0633\u0627\u0633\u064a\u0629 \u0641\u064a \u062d\u0645\u0627\u064a\u0629 \u0623\u064a \u0645\u0648\u0642\u0639 \u062c\u062f\u064a \u0639\u0644\u0649 \u0627\u0644\u0625\u0646\u062a\u0631\u0646\u062a\u060c \u062e\u0627\u0635\u0629 \u0641\u064a 2026 \u062d\u064a\u062b \u062a\u062a\u0637\u0648\u0631 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0628\u0634\u0643\u0644 \u0623\u0633\u0631\u0639 \u0645\u0646 \u0623\u064a \u0648\u0642\u062a \u0645\u0636\u0649.<\/p>\n\n\n\n<p>\u0623\u0647\u0645 \u0646\u0642\u0637\u0629 \u0641\u064a \u0634\u0631\u062d ModSecurity \u0647\u064a \u0623\u0646 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0644\u064a\u0633\u062a \u0645\u0646\u062a\u062c\u0627\u064b \u062a\u0634\u062a\u0631\u064a\u0647 \u0648\u062a\u0646\u0633\u0627\u0647\u060c \u0628\u0644 \u0639\u0645\u0644\u064a\u0629 \u0645\u0633\u062a\u0645\u0631\u0629 \u0645\u0646 \u0627\u0644\u0636\u0628\u0637 \u0648\u0627\u0644\u0645\u0631\u0627\u0642\u0628\u0629 \u0648\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0633\u062c\u0644\u0627\u062a. \u0627\u0628\u062f\u0623 \u0628\u0648\u0636\u0639 DetectionOnly\u060c \u062b\u0645 \u0627\u0646\u062a\u0642\u0644 \u062a\u062f\u0631\u064a\u062c\u064a\u0627\u064b \u0644\u0644\u062d\u062c\u0628 \u0627\u0644\u0641\u0639\u0644\u064a\u060c \u0648\u0627\u0633\u062a\u062b\u0645\u0631 \u0641\u064a \u0641\u0647\u0645 \u0627\u0644\u0642\u0648\u0627\u0639\u062f \u0627\u0644\u062a\u064a \u062a\u0646\u0637\u0644\u0642 \u0639\u0644\u0649 \u0645\u0648\u0642\u0639\u0643 \u0644\u0636\u0628\u0637 \u062a\u062c\u0631\u0628\u0629 \u0633\u0644\u0633\u0629 \u0644\u0632\u0648\u0627\u0631\u0643 \u0645\u0639 \u0623\u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u0649 \u0623\u0645\u0627\u0646. 
\u0648\u0627\u0644\u0623\u0647\u0645: \u0644\u0627 \u062a\u0639\u062a\u0645\u062f \u0639\u0644\u0649 ModSecurity \u0648\u062d\u062f\u0647 \u0628\u0644 \u0627\u062c\u0645\u0639\u0647 \u0645\u0639 \u0637\u0628\u0642\u0627\u062a \u062d\u0645\u0627\u064a\u0629 \u0623\u062e\u0631\u0649 \u0645\u062b\u0644 Cloudflare \u0648 SSL \u0648 backup \u0645\u0646\u062a\u0638\u0645 \u0644\u062a\u062d\u0635\u0644 \u0639\u0644\u0649 \u0628\u0646\u064a\u0629 \u0623\u0645\u0646\u064a\u0629 \u0645\u062a\u064a\u0646\u0629 \u0644\u0627 \u062a\u0646\u0647\u0627\u0631 \u0645\u0646 \u0636\u0631\u0628\u0629 \u0648\u0627\u062d\u062f\u0629.<\/p>\n\n\n\n<div style=\"border-right:4px solid #7c3aed;background:#f5f3ff;padding:1.5rem;border-radius:0 12px 12px 0;margin:2rem 0\">\n<p style=\"margin:0 0 .5rem;font-weight:700;color:#4f46e5\">\u0627\u0628\u062f\u0623 \u0628\u062d\u0645\u0627\u064a\u0629 \u0627\u062d\u062a\u0631\u0627\u0641\u064a\u0629 \u0627\u0644\u064a\u0648\u0645<\/p>\n<p style=\"margin:0;color:#374151\">\u062d\u0645\u0627\u064a\u0629 ModSecurity \u0645\u062f\u0645\u062c\u0629 \u0641\u064a \u0643\u0644 \u062e\u0637\u0637 \u0645\u0631\u0627\u0645 \u0647\u0648\u0633\u062a \u0645\u0639 \u062f\u0639\u0645 \u0641\u0646\u064a \u0639\u0631\u0628\u064a \u0639\u0644\u0649 \u0645\u062f\u0627\u0631 \u0627\u0644\u0633\u0627\u0639\u0629 \u0648\u0642\u0648\u0627\u0639\u062f \u0645\u062d\u062f\u062b\u0629 \u062a\u0644\u0642\u0627\u0626\u064a\u0627\u064b. 
<a href=\"https:\/\/maram.iq\" target=\"_blank\" rel=\"noopener\" style=\"color:#4f46e5;font-weight:600\">\u0627\u0628\u062f\u0623 \u0645\u0646 \u0647\u0646\u0627<\/a>.<\/p>\n<\/div>\n\n\n<h2 id=\"section-16\">\u0627\u0644\u0623\u0633\u0626\u0644\u0629 \u0627\u0644\u0634\u0627\u0626\u0639\u0629<\/h2>\n<h3>\u0647\u0644 ModSecurity \u0645\u062c\u0627\u0646\u064a \u0641\u0639\u0644\u0627\u064b \u0623\u0645 \u0647\u0646\u0627\u0643 \u0625\u0635\u062f\u0627\u0631 \u0645\u062f\u0641\u0648\u0639\u061f<\/h3>\n<p>ModSecurity \u0645\u062c\u0627\u0646\u064a \u062a\u0645\u0627\u0645\u0627\u064b \u0648\u0645\u0641\u062a\u0648\u062d \u0627\u0644\u0645\u0635\u062f\u0631 \u062a\u062d\u062a \u0631\u062e\u0635\u0629 Apache 2.0\u060c \u0648\u0644\u0627 \u064a\u0648\u062c\u062f \u0625\u0635\u062f\u0627\u0631 \u0645\u062f\u0641\u0648\u0639 \u0645\u0646\u0647. \u0645\u0627 \u064a\u062f\u0641\u0639 \u0644\u0647 \u0628\u0639\u0636 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0647\u0648 \u0642\u0648\u0627\u0639\u062f \u062a\u062c\u0627\u0631\u064a\u0629 \u0645\u062a\u062e\u0635\u0635\u0629 \u0645\u062b\u0644 Trustwave Commercial Rules \u0623\u0648 Atomicorp Rules \u0627\u0644\u062a\u064a \u062a\u0642\u062f\u0645 \u0642\u0648\u0627\u0639\u062f \u0625\u0636\u0627\u0641\u064a\u0629 \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0645\u0639\u064a\u0646\u0629\u060c \u0644\u0643\u0646 \u0642\u0648\u0627\u0639\u062f OWASP CRS \u0645\u062c\u0627\u0646\u064a\u0629 \u0648\u0643\u0627\u0641\u064a\u0629 \u0644\u0645\u0639\u0638\u0645 \u0627\u0644\u062d\u0627\u0644\u0627\u062a.<\/p>\n<h3>\u0647\u0644 ModSecurity \u064a\u0628\u0637\u0626 \u0645\u0648\u0642\u0639\u064a\u061f<\/h3>\n<p>\u0627\u0644\u0640 overhead \u0627\u0644\u0630\u064a \u064a\u0636\u064a\u0641\u0647 ModSecurity \u0639\u0627\u062f\u0629 \u0645\u0627 \u064a\u0643\u0648\u0646 \u0628\u064a\u0646 5% \u0648 15% \u0639\u0644\u0649 \u0648\u0642\u062a \u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0637\u0644\u0628\u060c 
\u0648\u0647\u0648 \u0636\u0626\u064a\u0644 \u0645\u0642\u0627\u0631\u0646\u0629 \u0628\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u062a\u064a \u064a\u0648\u0641\u0631\u0647\u0627. \u0639\u0644\u0649 \u0627\u0644\u0633\u064a\u0631\u0641\u0631\u0627\u062a \u0627\u0644\u062d\u062f\u064a\u062b\u0629 \u0628\u0645\u0639\u0627\u0644\u062c\u0627\u062a \u0642\u0648\u064a\u0629 \u0644\u0627 \u064a\u0634\u0639\u0631 \u0627\u0644\u0632\u0648\u0627\u0631 \u0628\u0623\u064a \u0641\u0631\u0642. \u0644\u062a\u0642\u0644\u064a\u0644 \u0627\u0644\u062a\u0623\u062b\u064a\u0631 \u064a\u0645\u0643\u0646 \u062a\u0639\u0637\u064a\u0644 \u0641\u062d\u0635 \u0645\u062d\u062a\u0648\u0649 \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 (SecResponseBodyAccess Off) \u0644\u0623\u0646\u0647 \u0627\u0644\u0623\u0643\u062b\u0631 \u0627\u0633\u062a\u0647\u0644\u0627\u0643\u0627\u064b \u0644\u0644\u0645\u0648\u0627\u0631\u062f.<\/p>\n<h3>\u0645\u0627 \u0627\u0644\u0641\u0631\u0642 \u0628\u064a\u0646 ModSecurity v2 \u0648 v3\u061f<\/h3>\n<p>\u0627\u0644\u0641\u0631\u0642 \u0627\u0644\u0631\u0626\u064a\u0633\u064a \u0623\u0646 v3 \u0623\u0639\u064a\u062f\u062a \u0643\u062a\u0627\u0628\u062a\u0647\u0627 \u0628\u0627\u0644\u0643\u0627\u0645\u0644 \u0628\u0644\u063a\u0629 C++ \u0643\u0645\u0643\u062a\u0628\u0629 \u0645\u0633\u062a\u0642\u0644\u0629 (libmodsecurity) \u064a\u0645\u0643\u0646 \u062f\u0645\u062c\u0647\u0627 \u0645\u0639 \u0623\u064a \u062e\u0627\u062f\u0645 \u0648\u064a\u0628 \u0639\u0628\u0631 connectors\u060c \u0628\u064a\u0646\u0645\u0627 v2 \u0643\u0627\u0646\u062a \u0648\u062d\u062f\u0629 Apache \u0645\u0631\u062a\u0628\u0637\u0629 \u0628\u0634\u0643\u0644 \u0648\u062b\u064a\u0642 \u0628\u0640 Apache. 
v3 \u0623\u0633\u0631\u0639 \u0648\u0623\u0643\u062b\u0631 \u0645\u0631\u0648\u0646\u0629 \u0648\u062a\u062f\u0639\u0645 Nginx \u0628\u0634\u0643\u0644 \u0623\u0635\u0644\u064a\u060c \u0644\u0643\u0646 v2 \u0644\u0627 \u062a\u0632\u0627\u0644 \u0623\u0643\u062b\u0631 \u0627\u0633\u062a\u0642\u0631\u0627\u0631\u0627\u064b \u0648\u0645\u062f\u0639\u0648\u0645\u0629 \u0628\u0634\u0643\u0644 \u0623\u0641\u0636\u0644 \u0641\u064a cPanel\/WHM.<\/p>\n<h3>\u0647\u0644 \u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 ModSecurity \u0628\u062f\u0648\u0646 OWASP CRS\u061f<\/h3>\n<p>\u0646\u0639\u0645 \u062a\u0642\u0646\u064a\u0627\u064b\u060c \u0644\u0643\u0646\u0647 \u0644\u0646 \u064a\u0648\u0641\u0631 \u0623\u064a \u062d\u0645\u0627\u064a\u0629 \u0644\u0623\u0646\u0647 \u0645\u062c\u0631\u062f \u0645\u062d\u0631\u0643 \u0628\u062f\u0648\u0646 \u0642\u0648\u0627\u0639\u062f. \u0639\u0644\u064a\u0643 \u0625\u0645\u0627 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 CRS \u0623\u0648 \u0643\u062a\u0627\u0628\u0629 \u0642\u0648\u0627\u0639\u062f\u0643 \u0627\u0644\u062e\u0627\u0635\u0629 \u0645\u0646 \u0627\u0644\u0635\u0641\u0631\u060c \u0648\u0647\u0630\u0627 \u063a\u064a\u0631 \u0639\u0645\u0644\u064a \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0639\u0627\u062f\u064a. 
CRS \u0647\u0648 \u0627\u0644\u062e\u064a\u0627\u0631 \u0627\u0644\u0642\u064a\u0627\u0633\u064a \u0648\u0627\u0644\u0645\u062c\u0627\u0646\u064a \u0627\u0644\u0630\u064a \u064a\u0648\u0641\u0631 \u062a\u063a\u0637\u064a\u0629 \u0634\u0627\u0645\u0644\u0629 \u0644\u0640 OWASP Top 10 \u062f\u0648\u0646 \u0627\u0644\u062d\u0627\u062c\u0629 \u0644\u062e\u0628\u0631\u0629 \u0639\u0645\u064a\u0642\u0629 \u0628\u0643\u062a\u0627\u0628\u0629 \u0627\u0644\u0642\u0648\u0627\u0639\u062f.<\/p>\n<h3>\u0643\u064a\u0641 \u0623\u062a\u0639\u0627\u0645\u0644 \u0645\u0639 False Positive \u064a\u062d\u062c\u0628 \u0645\u0648\u0642\u0639\u064a\u061f<\/h3>\n<p>\u0623\u0648\u0644\u0627\u064b \u0627\u0641\u062d\u0635 \/var\/log\/apache2\/modsec_audit.log \u0644\u062a\u062d\u062f\u062f \u0631\u0642\u0645 \u0627\u0644\u0642\u0627\u0639\u062f\u0629 (id) \u0627\u0644\u062a\u064a \u062a\u0633\u0628\u0628\u062a \u0628\u0627\u0644\u062d\u062c\u0628\u060c \u062b\u0645 \u0623\u0636\u0641 \u0627\u0633\u062a\u062b\u0646\u0627\u0621 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 SecRuleRemoveById \u0644\u062a\u0644\u0643 \u0627\u0644\u0642\u0627\u0639\u062f\u0629 \u0641\u0642\u0637 \u0644\u0644\u0645\u0633\u0627\u0631 \u0627\u0644\u0645\u062a\u0623\u062b\u0631. \u0644\u0627 \u062a\u0639\u0637\u0644 \u0627\u0644\u0642\u0627\u0639\u062f\u0629 \u0628\u0634\u0643\u0644 \u0643\u0627\u0645\u0644 \u0644\u0623\u0646\u0647\u0627 \u0642\u062f \u062a\u062d\u0645\u064a \u0645\u0633\u0627\u0631\u0627\u062a \u0623\u062e\u0631\u0649. 
\u0627\u0644\u062d\u0644 \u0627\u0644\u0645\u062b\u0627\u0644\u064a \u0647\u0648 \u062a\u062d\u062f\u064a\u062f \u0627\u0644\u0645\u0639\u0627\u0645\u0644 \u0627\u0644\u0630\u064a \u0633\u0628\u0628 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0648\u0627\u0633\u062a\u062b\u0646\u0627\u0624\u0647 \u0641\u0642\u0637 \u0628\u062f\u0644\u0627\u064b \u0645\u0646 \u062a\u0639\u0637\u064a\u0644 \u0627\u0644\u0642\u0627\u0639\u062f\u0629 \u0643\u0627\u0645\u0644\u0629.<\/p>","protected":false},"excerpt":{"rendered":"<p>\u0634\u0631\u062d ModSecurity 2026: \u0627\u0644\u062c\u062f\u0627\u0631 \u0627\u0644\u0646\u0627\u0631\u064a \u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u062f\u0644\u064a\u0644 \u0639\u0645\u0644\u064a \u0634\u0627\u0645\u0644 \u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0642\u0639\u0643 \u0645\u0646 SQL Injection \u0648 XSS \u0648\u0623\u062e\u0637\u0631 \u0647\u062c\u0645\u0627\u062a OWASP Top 10 \u0634\u0631\u062d ModSecurity \u0623\u0635\u0628\u062d \u0645\u0646 \u0623\u0647\u0645 \u0627\u0644\u0645\u0648\u0627\u0636\u064a\u0639 \u0627\u0644\u062a\u064a 
\u064a\u062c\u0628&#8230;<\/p>\n","protected":false},"author":1,"featured_media":3217,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[172],"tags":[367,364,271,366,365,247,351,153],"class_list":["post-3186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-172","tag-apache","tag-modsecurity","tag-nginx","tag-owasp","tag-sql-injection","tag-waf","tag-xss","tag-153"],"_links":{"self":[{"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/posts\/3186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/comments?post=3186"}],"version-history":[{"count":1,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/posts\/3186\/revisions"}],"predecessor-version":[{"id":3218,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/posts\/3186\/revisions\/3218"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/media\/3217"}],"wp:attachment":[{"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/media?parent=3186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/categories?post=3186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/maram.iq\/blogs\/wp-json\/wp\/v2\/tags?post=3186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}