How To Install And Configure GreenSQL In Ubuntu 9.10

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy for SQL commands and has built in support for MySQL & PostgreSQL . The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL is distributed under the GPL license.

Installation:

1. Download its source code from its web.
2. Install the needed packages: apt-get install libevent-1.4-2 libpcre3 libmysqlclient15off libpq5 libmysqlclient15-dev libevent-dev libpcre3-dev libpcre3 libpq-dev flex g++ bison build-essential
3. Uncompress it: tar xvfz greensql-fw_*.tar.gz
4. Enter its directory: cd greensql-fw_*
5. Build the deb package: ./build.sh
6. Install the deb package (as root): cd .. && dpkg -i greensql-fw*.deb
7. Answer the questions to connect GreenSQL to your database

Configuration (using Apache):

1. Enter GreenSQL directory: cd /usr/share/greensql-fw
2. Set the right permissions to templates_c : chgrp -R www-data templates_c && chmod -R 770 templates_c
3. Create the file /etc/apache2/conf.d/greensql with the following content(replace [ and ] for angle brackets):

Alias /greensql /usr/share/greensql-fw
[Directory /greensql]
Order deny,allow
Deny from all
Allow from 127.0.0.1
[/Directory]

4. Restart Apache: apache2ctl restart.
5. Access GreenSQL using your web browser (default user is admin and default password is pwd):

http://localhost/greensql
Change the default admin’s password.
Edit GreenSQL configuration to fit your needs.

NOTE : Change "localhost" to your domain name.

How to use:

To use GreenSQL, you have to change the configuration of the applications which connect to your database and point them to the computer where you have installed GreenSQL (localhost in this case) and the port where GreenSQL is running (3305 in my case to proxy my MySQL database). You can test whether it is working connecting to your database and creating a table (it should appear as an alert named “Detected attempt to create database/table/index” in GreenSQL and it should be blocked if you didn’t change the IPS option).

Example:
mysql -u root -h 127.0.0.1 -P 3305 -p
CREATE TABLE greensql_test;

note : if you're running joomla, u need change your configuration setting to look like this :-

var $host = 'localhost'; to var $host = '127.0.0.1:3305';

Now we can go green with greensql. :)