ModSecurity
ModSecurity is an intrusion detection and prevention engine for Web applications (sometimes called a Web application firewall). Operating embedded or as part of an Apache reverse proxy, it increases Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure. It monitors HTTP traffic (including POST payloads), detects or prevents attacks, enhances logging, performs anti-evasion, and allows administrators to create custom rules to suit their specific needs. It excels in HTTP traffic monitoring and just-in-time vulnerability patching.
| Tags | Internet Web HTTP Servers |
|---|---|
| Licenses | GPLv2 |
| Operating Systems | OS Independent |
| Implementation | C |
Recent releases
- 06 Feb 2010 01:47
Release Notes: This release fixes several important issues to help prevent a detection bypass and denial of service attacks against ModSecurity. Quite a few small but notable bugs were fixed. The latest Core Ruleset (2.0.5) is included.
- 07 Nov 2009 07:28
Release Notes: This release fixes a multipart parsing issue that has the potential to allow bypassing the rules engine. This bypass can be avoided via some simple rules, however. Other changes include a rules update (CRS 2.0.3) and some minor cleanup in build, mlogc, persistence, and the output filter ordering.
- 24 Sep 2009 22:16
Release Notes: This release fixes a number of small issues. Notable issues that have been fixed are a cleaner build process, fixes to mlogc to build on Windows and allow more reliable SSL negotiation to the console, less verbose logging when using anomaly scoring with CRS v2.x, and a feature to allow easier use with Apache mpm-itk.
- 26 Aug 2009 07:30
Release Notes: This release cleans up the build scripts and adds some features to better manage audit log permissions (especially with mpm-itk).
- 12 Aug 2009 22:50
Release Notes: This development release fixes some build issues with mlogc, a potential configuration crash, and SecRuleUpdateActionById. It includes the latest release of the Core Rule Set (CRS), 2.0.1.
Recent comments
A Required Apache Module
I'm using this on a number of sites and I recommend anyone else worried about security do the same.
It's got an easy to understand configuration file, it's easy to install and it works exactly as advertised. I've seen a number of hack attempts blocked by this module. I'm running a number of PostNuke sites and I feel more at ease doing so, knowing that a number of the usual exploits of these sites can be blocked with the use of modsecurity.
The author is also very fast to respond to any requests for help and offered me great advice and help with the inital problems I faced (Not reading the manually properly...)
Tim
b1v1r
25 May 2004 09:17
