SQL Injection attack on a web app

girishjaju 提供
上次更新日期: 2018/7/9

This will deploy 2 application gateways, a web app, a SQL server and database, OMS and other network resources. One app gateway is in detection mode and other is in prevention mode. Perform the SQL injection attack by following the guidleines and execute the scenario for mitigation and prevention of a SQL injection attack.

此 Azure Resource Manager (ARM) 範本是由社群成員 (而非 Microsoft) 建立。每個 ARM 範本都是由其擁有者 (而非 Microsoft) 依據授權合約授權給您。Microsoft 並不負責社群成員所提供和授權的 ARM 範本,而不會為了安全性、相容性或效能進行篩選。社群 ARM 範本並未依據任何 Microsoft 支援方案或服務提供支援,而且會在沒有任何擔保的情況下依現況提供。

參數

參數名稱 說明
_artifactsLocation this will be the location for artifacts
_artifactsLocationSasToken this will be the sas key to access artifacts
location your resources will be created in this location
omsSku this will be you SKU for OMS
pipAddressType this will be the type of public IP address used for the VM name
sqlAdministratorName this will be the admin user for sql server
sqlServerPassword this will be the password for the admin user of sql server
emailToSendAlertsTo this user will get the alert emails

使用範本

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-SQL-Injection-Attack-Prevention/azuredeploy.json
安裝和設定 Azure PowerShell

命令列

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-SQL-Injection-Attack-Prevention/azuredeploy.json
安裝和設定 Azure 跨平台命令列介面