ModSecurity is an intrusion detection and prevention engine for Web applications (sometimes called a Web application firewall). Operating embedded or as part of an Apache reverse proxy, it increases Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure. It monitors HTTP traffic (including POST payloads), detects or prevents attacks, enhances logging, performs anti-evasion, and allows administrators to create custom rules to suit their specific needs. It excels in HTTP traffic monitoring and just-in-time vulnerability patching.
|Tags||Internet Web HTTP Servers|
|Operating Systems||OS Independent|
Release Notes: This release fixes several important issues to help prevent a detection bypass and denial of service attacks against ModSecurity. Quite a few small but notable bugs were fixed. The latest Core Ruleset (2.0.5) is included.
Release Notes: This release fixes a multipart parsing issue that has the potential to allow bypassing the rules engine. This bypass can be avoided via some simple rules, however. Other changes include a rules update (CRS 2.0.3) and some minor cleanup in build, mlogc, persistence, and the output filter ordering.
Release Notes: This release fixes a number of small issues. Notable issues that have been fixed are a cleaner build process, fixes to mlogc to build on Windows and allow more reliable SSL negotiation to the console, less verbose logging when using anomaly scoring with CRS v2.x, and a feature to allow easier use with Apache mpm-itk.
Release Notes: This release cleans up the build scripts and adds some features to better manage audit log permissions (especially with mpm-itk).
Release Notes: This development release fixes some build issues with mlogc, a potential configuration crash, and SecRuleUpdateActionById. It includes the latest release of the Core Rule Set (CRS), 2.0.1.