{"id":6706,"date":"2023-08-03T08:45:36","date_gmt":"2023-08-02T23:45:36","guid":{"rendered":"https:\/\/www.prime-strategy.co.jp\/column\/?p=6706"},"modified":"2026-02-17T01:53:31","modified_gmt":"2026-02-16T16:53:31","slug":"__trashed","status":"publish","type":"post","link":"https:\/\/kusanagi.tokyo\/column\/archives\/column_6706","title":{"rendered":"Protecting a site from attacks with kusanagi waf (ModSecurity\/NAXSI)"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"WAF%E3%82%92%E5%B0%8E%E5%85%A5%E3%81%99%E3%82%8B%E3%83%A1%E3%83%AA%E3%83%83%E3%83%88\"><\/span>Benefits of deploying a WAF<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>WAF stands for Web Application Firewall, a solution for protecting applications that are accessible over the web, such as WordPress, from attacks. Because it blocks malicious requests that try to exploit vulnerabilities such as SQL injection or directory traversal before they reach the program execution layer (PHP and the like), it reduces the risk of damage from unpatched vulnerabilities.<\/p>\n\n\n\n<p>We have covered this topic before on this site, for example in <a 
href=\"https:\/\/www.prime-strategy.co.jp\/column\/archives\/column_2303\" target=\"_blank\" rel=\"noreferrer noopener\">Preparing for attacks with a WAF (\uff61\uff65\u0434\uff65)o\u252b\uff9e;`;:\uff9e;`;:<\/a>, but this time we go into more detail.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"KUSANAGI%E3%81%A7WAF%E3%82%92%E6%9C%89%E5%8A%B9%E3%81%AB%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95\"><\/span>How to enable the WAF on KUSANAGI<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>KUSANAGI uses NAXSI with nginx and ModSecurity with Apache as its built-in WAF. The WAF is not enabled in the initial state, so it must be enabled manually.<\/p>\n\n\n\n<p>A single command enables it. On the first run, the related packages are also installed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>kusanagi waf on<\/code><\/pre>\n\n\n\n<p>If everything went well, the following lines should appear at the end of the output.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>restart completed.<br>waf completed.<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" 
id=\"nginx%E3%81%AENAXSI%E3%81%A7%E3%82%A8%E3%83%A9%E3%83%BC%E3%81%8C%E5%87%BA%E3%81%9F%E9%9A%9B%E3%81%AB%E5%8E%9F%E5%9B%A0%E3%82%92%E5%88%86%E6%9E%90%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95\"><\/span>How to analyze the cause when NAXSI on nginx returns an error<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Once the WAF is enabled, you may often see responses such as 403 Forbidden when you actually access the site. This section explains how to analyze the cause in that situation.<\/p>\n\n\n\n<p>Note: KUSANAGI includes NAXSI rules optimized for WordPress by default, so the error shown below does not occur. For this article we have specially disabled them.<\/p>\n\n\n\n<p>First, if you see a screen like the one below, look at the nginx error log for that profile. The file is \/home\/kusanagi\/(profile name)\/log\/nginx\/error.log (ssl_error.log if the error occurs over HTTPS).<\/p>\n\n\n<div class=\"wp-block-image img-border\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"709\" height=\"330\" 
src=\"https:\/\/www.prime-strategy.co.jp\/column\/wp-content\/uploads\/2023\/07\/29d3bc99193cb0b837fb8cc53f050ae5.png\" alt=\"403 screen returned by the NAXSI WAF\" class=\"wp-image-6708\" srcset=\"https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/29d3bc99193cb0b837fb8cc53f050ae5.png 709w, https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/29d3bc99193cb0b837fb8cc53f050ae5-300x140.png 300w\" sizes=\"auto, (max-width: 709px) 100vw, 709px\" \/><\/figure>\n<\/div>\n\n\n<p>Looking at the log, we could confirm that the following error had been recorded:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>2023\/07\/21 08:36:23 &#91;error] 7432#7432: *1 NAXSI_FMT: ip=192.0.2.1&amp;server=example.com.internal&amp;uri=\/wp-login.php&amp;vers=1.3&amp;total_processed=1&amp;total_blocked=1&amp;config=block&amp;cscore0=$XSS&amp;score0=16&amp;zone0=HEADERS&amp;id0=1315&amp;var_name0=cookie, client: 50.5.35.41, server: example.com.internal, request: \"GET \/wp-login.php?action=logout&amp;_wpnonce=facec0ed55 HTTP\/1.1\", host: \"example.com.internal\", referrer: 
\"http:\/\/example.com.internal\/\"<\/code><\/pre>\n\n\n\n<p>First, check id0. It says 1315. This is the filter that was triggered this time. If several filters are triggered, they are listed as id1, id2, and so on. Next, let us find out what ID 1315 is. The base rules are defined in \/etc\/opt\/kusanagi\/nginx\/naxsi.d\/naxsi_core.rules.conf. Opening the file and filtering for 1315 turned up the following line.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>MainRule \"rx:%&#91;23].\"&nbsp; \"msg:double encoding\" \"mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie\" \"s:$XSS:8\" 
id:1315;<\/code><\/pre>\n\n\n\n<p>What we can infer from this is that the risk score was raised because the value was double-encoded.<\/p>\n\n\n\n<p>Next, we add a filter to deal with this. To do so, we look more closely at where the error occurred. Checking zone0 in the error log above, it says HEADERS. In other words, something was abnormal in the HTTP headers. Then, checking var_name0, it says cookie. So this time the problem is the Cookie sent as an HTTP header, and we write a rule that excludes it.<\/p>\n\n\n\n<p>In this case the syntax looks like this:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>BasicRule wl:1315 
\"mz:$HEADERS_VAR:cookie\";<\/code><\/pre>\n\n\n\n<p>The ID goes after wl (meaning whitelist), and the exclusion condition goes after mz: (meaning matched zone). In this case, the rule means that ID 1315 is excluded for the Cookie HTTP header.<\/p>\n\n\n\n<p>Add this to \/etc\/opt\/kusanagi\/nginx\/naxsi.d\/wordpress\/user.conf and you are done.<\/p>\n\n\n\n<p>After adding it and restarting nginx with kusanagi nginx, we confirmed that the problem no longer occurred.<\/p>\n\n\n\n<p>Repeat this procedure each time a problem occurs to improve the accuracy of the filters.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Apache%E3%81%AEModSecurity%E3%81%A7%E3%82%A8%E3%83%A9%E3%83%BC%E3%81%8C%E7%99%BA%E7%94%9F%E3%81%97%E3%81%9F%E9%9A%9B%E3%81%AB%E5%8E%9F%E5%9B%A0%E3%82%92%E5%88%86%E6%9E%90%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95\"><\/span>How to analyze the cause when ModSecurity on Apache returns an error<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>KUSANAGI uses nginx by default, but Apache is often used in production. So we also cover how to analyze the cause of errors when using ModSecurity with Apache.<\/p>\n\n\n\n<p>Using a program written specially for this article, we sent a request and triggered the block screen below.<\/p>\n\n\n\n<p>When ModSecurity judges a request to be malicious, the server returns a screen like the following and blocks the request.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large img-border\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"474\" src=\"https:\/\/www.prime-strategy.co.jp\/column\/wp-content\/uploads\/2023\/07\/image-1-1024x474.png\" alt=\"403 screen returned by the ModSecurity WAF\" class=\"wp-image-6745\" srcset=\"https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/image-1-1024x474.png 1024w, https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/image-1-300x139.png 300w, https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/image-1-768x355.png 768w, https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/image-1-1536x711.png 1536w, https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/07\/image-1.png 1917w\" sizes=\"auto, (max-width: 1024px) 
100vw, 1024px\" \/><\/figure>\n\n\n\n<p>At this point, the reason for the block is written to \/home\/kusanagi\/(profile name)\/log\/httpd\/error.log (ssl_error.log for HTTPS). The log contained a large number of messages, so we explain only the key points. An example of the log is shown below.<\/p>\n\n\n\n<p>First, check the entries around the time the access was blocked. The time can be read from a string such as [Fri Jul 21 08:36:23.102987 2023] near the start of the line (in this example it means the event occurred at 8:36:23 a.m. on Friday, July 21, 2023).<\/p>\n\n\n\n<p>The reasons the request was recognized as malicious are output as, for example, [id \"920220\"], [id \"920270\"], [id \"949110\"] and [id \"980130\"]. Putting this together, an error log like the following should have been written (parts are masked):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;Fri Jul 21 08:36:23.102987 2023] &#91;security2:error] &#91;pid *****:tid ***************] &#91;client 
192.0.2.1:*****] &#91;client 192.0.2.1] ModSecurity: Warning. Found 1 byte(s) in ARGS:test_query_string outside range: 1-255. &#91;file \"\/etc\/opt\/kusanagi\/httpd\/modsecurity.d\/activated_rules\/REQUEST-920-PROTOCOL-ENFORCEMENT.conf\"] &#91;line \"517\"] &#91;id \"920270\"] &#91;msg \"Invalid character in request (null character)\"] &#91;data \"ARGS:test_query_string=************\"] &#91;severity \"CRITICAL\"] &#91;ver \"OWASP_CRS\/3.3.4\"] &#91;tag \"application-multi\"] &#91;tag \"language-multi\"] &#91;tag \"platform-multi\"] &#91;tag \"attack-protocol\"] &#91;tag \"paranoia-level\/1\"] &#91;tag \"OWASP_CRS\"] &#91;tag \"capec\/1000\/210\/272\"] &#91;hostname \"example.com.internal\"] &#91;uri \"\/\"] &#91;unique_id \"***************************\"]<\/code><\/pre>\n\n\n\n<p>We will not go into detail, but errors with these IDs are (generally) raised when a request containing an invalid string is sent. These are unlikely to cause problems if the software is thread-safe, but non-thread-safe software can run into problems, so take care when lifting the access restriction.<\/p>\n\n\n\n<p>This time the error was triggered deliberately and is known to be safe, so we set up an exclusion rule for it as a special case. Depending on the situation, 
the requested path, query string, referrer information and so on are also needed when writing an exclusion rule. These appear near the end of the same line as the information above, in forms such as [uri \"\/path\"] or [data ~].<\/p>\n\n\n\n<p>Now, note down the IDs of the filters that were triggered.<\/p>\n\n\n\n<p>However, when lifting restrictions it is normally ideal from a safety standpoint to exclude as few IDs as possible. In this case, we look at the messages and set aside the ones that do not appear to contain an invalid string. Specifically, these are IDs 949110 and 980130. For reference, here is what such a log entry looks like:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;Fri Jul 21 08:36:23.103004 2023] &#91;security2:error] &#91;pid *****:tid ***************] &#91;client 192.0.2.1:*****] &#91;client 192.0.2.1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. 
&#91;file \"\/etc\/opt\/kusanagi\/httpd\/modsecurity.d\/activated_rules\/REQUEST-949-BLOCKING-EVALUATION.conf\"] &#91;line \"153\"] &#91;id \"949110\"] &#91;msg \"Inbound Anomaly Score Exceeded (Total Score: 10)\"] &#91;severity \"CRITICAL\"] &#91;ver \"OWASP_CRS\/3.3.4\"] &#91;tag \"application-multi\"] &#91;tag \"language-multi\"] &#91;tag \"platform-multi\"] &#91;tag \"attack-generic\"] &#91;hostname \"example.com.internal\"] &#91;uri \"\/\"] &#91;unique_id \"***************************\"]<\/code><\/pre>\n\n\n<div class=\"gb-container gb-container-ad5cdb2f\">\n\n<p>With those two set aside, two IDs remain. We build the exclusion list from these. If possible, also note the query string and other values that were detected, taken from data, so that the rule can be written more safely. Depending on the profile in use, adding the rule to \/etc\/opt\/kusanagi\/httpd\/modsecurity.d\/kusanagi_activated_rules\/wordpress\/user.conf is enough. Here, judging from the events above as a whole, we added the following code in the middle of the file.<\/p>\n\n<\/div>\n\n\n<pre class=\"wp-block-code\"><code>&lt;If \"%{QUERY_STRING} =~ \/.*test_query_string=.*\/ || %{HTTP_REFERER} =~ \/.*test_query_string=.*\/\"&gt;\n        SecRuleRemoveById 920220\n        SecRuleRemoveById 920270\n&lt;\/If&gt;<\/code><\/pre>\n\n\n\n<p>After saving this, we restarted with <code>kusanagi 
httpd<\/code> and confirmed that the site could be accessed without the layout breaking.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E3%82%A8%E3%83%A9%E3%83%BC%E3%81%8C%E8%A7%A3%E6%B6%88%E3%81%A7%E3%81%8D%E3%81%AA%E3%81%8F%E3%80%81%E7%9C%9F%E3%81%AB%E3%82%84%E3%82%80%E3%82%92%E5%BE%97%E3%81%AA%E3%81%84%E5%A0%B4%E5%90%88%E3%81%ABWAF%E3%82%92%E7%84%A1%E5%8A%B9%E5%8C%96%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95\"><\/span>How to disable the WAF when an error cannot be resolved and there is truly no alternative<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>If investigating the cause with the methods above does not resolve the error and there is truly no alternative, you can also disable the WAF. Run the following command.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>kusanagi waf off<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E3%81%BE%E3%81%A8%E3%82%81\"><\/span>Summary<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Using the WAF built into KUSANAGI lets you run a safer website more easily. There is of course a risk of false positives, but once you get the hang of it they are relatively easy to fix, so why not weigh convenience against security and consider using it?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8F%82%E8%80%83%E6%96%87%E7%8C%AE\"><\/span>References<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/code.google.com\/archive\/p\/naxsi\/wikis\/BasicRule.wiki\">https:\/\/code.google.com\/archive\/p\/naxsi\/wikis\/BasicRule.wiki<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kusanagi.tokyo\/kusanagi9\/document\/commands\/\">https:\/\/kusanagi.tokyo\/kusanagi9\/document\/commands\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Benefits of deploying a WAF WAF stands for Web Application Firewall; applications that are accessible over the web ... 
<a title=\"kusanagi waf(ModSecurity\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b\" class=\"read-more\" href=\"https:\/\/kusanagi.tokyo\/column\/archives\/column_6706\" aria-label=\"kusanagi waf(ModSecurity\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b \u306b\u3064\u3044\u3066\u3055\u3089\u306b\u8aad\u3080\">Read more<\/a><\/p>\n","protected":false},"author":30,"featured_media":6800,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[76,13],"tags":[107],"series":[59],"journey":[98],"product":[105],"class_list":["post-6706","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-nginx","category-oss","tag-security","series-kusanagi-command","journey-build","product-kusanagi","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-33","no-featured-image-padding"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>kusanagi waf(ModSecurity\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b - KUSANAGI Tech Column<\/title>\n<meta name=\"description\" content=\"KUSANAGI\u306b\u306fWAF\u6a5f\u80fd\u304c\u6a19\u6e96\u642d\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u4eca\u56de\u306f\u3053\u306e\u6a5f\u80fd\u306e\u4f7f\u3044\u65b9\u3068\u30a8\u30e9\u30fc\u304c\u51fa\u305f\u5834\u5408\u306e\u539f\u56e0\u8abf\u67fb\u624b\u6cd5\u3092\u304a\u4f1d\u3048\u3057\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kusanagi.tokyo\/column\/archives\/column_6706\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta 
property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"kusanagi waf(ModSecurity\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b - KUSANAGI Tech Column\" \/>\n<meta property=\"og:description\" content=\"KUSANAGI\u306b\u306fWAF\u6a5f\u80fd\u304c\u6a19\u6e96\u642d\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u4eca\u56de\u306f\u3053\u306e\u6a5f\u80fd\u306e\u4f7f\u3044\u65b9\u3068\u30a8\u30e9\u30fc\u304c\u51fa\u305f\u5834\u5408\u306e\u539f\u56e0\u8abf\u67fb\u624b\u6cd5\u3092\u304a\u4f1d\u3048\u3057\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kusanagi.tokyo\/column\/archives\/column_6706\" \/>\n<meta property=\"og:site_name\" content=\"KUSANAGI Tech Column\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-02T23:45:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-16T16:53:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kusanagi.tokyo\/column\/wp-content\/uploads\/2023\/08\/kusanagi-waf.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1300\" \/>\n\t<meta property=\"og:image:height\" content=\"660\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"\u798f\u7530\u62d3\u6717\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@kusanagi_saya\" \/>\n<meta name=\"twitter:site\" content=\"@kusanagi_saya\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706\"},\"author\":{\"name\":\"\u798f\u7530\u62d3\u6717\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#\\\/schema\\\/person\\\/7af5a2007e22aa5153d0e46a97b67f4f\"},\"headline\":\"kusanagi waf(ModSecurity\\\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b\",\"datePublished\":\"2023-08-02T23:45:36+00:00\",\"dateModified\":\"2026-02-16T16:53:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706\"},\"wordCount\":2611,\"publisher\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/kusanagi-waf.jpg\",\"keywords\":[\"\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\"],\"articleSection\":[\"Nginx\",\"OSS\"],\"inLanguage\":\"ja\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706\",\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706\",\"name\":\"kusanagi waf(ModSecurity\\\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b - KUSANAGI Tech 
Column\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/kusanagi-waf.jpg\",\"datePublished\":\"2023-08-02T23:45:36+00:00\",\"dateModified\":\"2026-02-16T16:53:31+00:00\",\"description\":\"KUSANAGI\u306b\u306fWAF\u6a5f\u80fd\u304c\u6a19\u6e96\u642d\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u4eca\u56de\u306f\u3053\u306e\u6a5f\u80fd\u306e\u4f7f\u3044\u65b9\u3068\u30a8\u30e9\u30fc\u304c\u51fa\u305f\u5834\u5408\u306e\u539f\u56e0\u8abf\u67fb\u624b\u6cd5\u3092\u304a\u4f1d\u3048\u3057\u307e\u3059\u3002\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#primaryimage\",\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/kusanagi-waf.jpg\",\"contentUrl\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/kusanagi-waf.jpg\",\"width\":1300,\"height\":660},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_6706#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u30db\u30fc\u30e0\",\"item\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"kusanagi 
waf(ModSecurity\\\/NAXSI)\u3092\u4f7f\u3063\u3066\u30b5\u30a4\u30c8\u3092\u653b\u6483\u304b\u3089\u5b88\u3063\u3066\u307f\u308b\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#website\",\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/\",\"name\":\"KUSANAGI Tech Column\",\"description\":\"\u901f\u3055\u306e\u7406\u7531\u3092\u77e5\u308b\u3002\u5b89\u5168\u306e\u4ed5\u7d44\u307f\u3092\u77e5\u308b\u3002WordPress\u904b\u7528\u306e\u300c\u306a\u305c\uff1f\u300d\u3092\u89e3\u304f\u6280\u8853\u30b3\u30e9\u30e0\",\"publisher\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ja\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#organization\",\"name\":\"KUSANAGI Tech Column\",\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/logo-tc.png\",\"contentUrl\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/logo-tc.png\",\"width\":716,\"height\":57,\"caption\":\"KUSANAGI Tech 
Column\"},\"image\":{\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/kusanagi_saya\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/#\\\/schema\\\/person\\\/7af5a2007e22aa5153d0e46a97b67f4f\",\"name\":\"\u798f\u7530\u62d3\u6717\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7de8084c7eeea979db21648524d8650cc3cf654c727331702eb2cae1651df13c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7de8084c7eeea979db21648524d8650cc3cf654c727331702eb2cae1651df13c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7de8084c7eeea979db21648524d8650cc3cf654c727331702eb2cae1651df13c?s=96&d=mm&r=g\",\"caption\":\"\u798f\u7530\u62d3\u6717\"},\"description\":\"\u30d7\u30ed\u30b0\u30e9\u30df\u30f3\u30b0\u3092\u59cb\u3081\u305f\u306e\u306f10\u6b73\u524d\u5f8c\u3002\u4e2d\u5b661\u5e74\u751f\u306e\u3053\u308d\u304b\u3089VPS\u306a\u3069\u3092\u6d3b\u7528\u3057\u3001\u30b5\u30fc\u30d0\u3092\u904b\u7528\u4e2d\u3002\u30a2\u30e1\u30ea\u30ab\u306e\u5927\u5b66\u306eIT\u5b66\u90e8\u3092\u5352\u696d\u3057\u3001\u5f53\u793e\u306b\u65b0\u5352\u3067\u5165\u793e\u3002\u73fe\u5728\u306fPrime Strategy New York, Inc.\u306b\u5728\u7c4d\u3057\u3064\u3064\u3001KUSANAGI\u306a\u3069\u306e\u958b\u767a\u306b\u643a\u308f\u308b\u3002 \u6271\u3048\u308b\u30d7\u30ed\u30b0\u30e9\u30df\u30f3\u30b0\u8a00\u8a9e\u306e\u4e00\u4f8b\u3068\u3057\u3066\u3001Ruby, PHP, Rust, Python\u306a\u3069\u3002OS\u3067\u306fUbuntu\u3084AlmaLinux\u306a\u3069\u3002\",\"sameAs\":[\"https:\\\/\\\/www.prime-strategy.co.jp\\\/services\\\/wexal-service\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/ftkro\"],\"url\":\"https:\\\/\\\/kusanagi.tokyo\\\/column\\\/archives\\\/column_author\\\/fukuda-takuro\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->"}