[ckan-dev] CKAN Open Data Portal - Possible WAF implementation

John Jediny - XAAB john.jediny at gsa.gov
Tue Aug 16 13:22:05 UTC 2016


We're testing OWASP project called modsecurity
<https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project>
an Open Source Web Application Firewall...

   - http://modsecurity.org/
   - http://modsecurity.org/download.html
   - https://github.com/SpiderLabs/ModSecurity/wiki


Here are the ansible steps we use to install on CKAN's Apache web server

---
- name: make sure packages are installed
action: apt pkg={{item}} state=installed
with_items:
- apache2
- libapache2-mod-wsgi
- libapache2-modsecurity


- name: Apache | Enable Web Application Firewall required modules
action: command a2enmod rewrite headers
tags: common
- name: Apache | Enable Web Application Firewall
action: command a2enmod security2
tags:
- web_application_firewall


On Tue, Aug 16, 2016 at 7:18 AM, Van Herreweghe, Noel <
noel.vanherreweghe at bz.vlaanderen.be> wrote:

> Dear
>
>
>
> The Flemish Government in Belgium is using CKAN for his open data portal.
>
>
>
> We would like to find out if any other country, using CKAN, has
> implemented any appliance, server plugin, or filter such as a web
> application firewall.
>
>
>
>
>
> *Noël Van Herreweghe*
>
> Advisor – Program Manager Open Data
>
> *INFORMATION *VLAANDEREN
>
> *M* 0032 (0)473 881872
>
> Noel.vanherreweghe at bz.vlaanderen.be
>
> Boudewijnlaan 30, 1000 Brussels - Belgium
>
> Koningin Maria Hendrikaplein 70, 9000 Gent - Belgium
>
> *www.vlaanderen.be <http://www.vlaanderen.be>*
>
>
>
> *Stel je vraag aan de overheid!*
>
> *Bel gratis 1700 of surf naar **www.vlaanderen.be*
> <http://www.vlaanderen.be/>
>
>
>
> ////////////////////////////////////////////////////////////
> //////////////////////
>
> [image:
> http://www.bestuurszaken.be/sites/default/files/documenten/vastgoed-fm/projecten/VO_logo_email.png]
>
>
>
> --
>
>


-- 
Chief Data Engineer
202-341-0191
@Data.gov
@Office of Citizen Science and Innovative Technologies/18F
<http://www.gsa.gov/portal/category/25729>
General Services Administration

Work in the Open... ideate, innovate, iterate...
@github <https://github.com/JJediny> | @projectopendata
<https://github.com/project-open-data>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20160816/94c57adf/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 17138 bytes
Desc: not available
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20160816/94c57adf/attachment-0002.png>


More information about the ckan-dev mailing list