Not verified. Are you owner ?
sponsored links

ModSecurity: Open Source Web Application Firewall

ModSecurity is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance, it detects and prevents attacks against web applications.

Main page screenshot of modsecurity.org
Popularity
 
5.0 out of 5 by PressAboutUs
Icons
Reviewed on Jun 11st, 2015
  • Press about modsecurity.org

  • modsecurity.org writes about

  • Social about modsecurity.org

Do you know new review about this site?
Suggest a new review!
  •  

    softaculous.com Security

    Group: Member Group: Member I also approve for mod_security for nginx : http://www.modsecurity.org/projects/modsecurity/nginx/ ...but i don't understand why you would like an integration of shorewall : if you need it, it's an easy one to install and it should work if you just open the same ports ... Read article

    Relevance
     
    Find useful? Yes
  •  

    howtoforge.com How To Install mod_security/mod_security2 On SuSE Linux Enterprise Server 10 (SLES10) | HowtoForge - Linux Howtos and Tutorials

    You must compile LUA as shared module.Get LUA from http://www.lua.org/ftp/lua-5.1.3.tar.gz .2 - Name: [ lua ]3 - Version: [ 5.1.3 ]4 - Release: [ 1 ]5 - License: [ GPL ]6 - Group: [ Development/Languages/Lua ]7 - Architecture: [ i386 ]rpm -ivh ../lua-5.1.3-1.i386.rpmNow you have to build a shared... Read article

    Relevance
     
    Find useful? Yes
  •  

    spinics.net Re: F13: httpd log errors? -- Fedora Linux Users

    > > [Sun Aug 22 11:26:15 2010] [notice] suEXEC mechanism enabled (wrapper: > /usr/sbin/suexec) > [Sun Aug 22 11:26:16 2010] [notice] SSL FIPS mode disabled > [Sun Aug 22 11:26:16 2010] [notice] ModSecurity for Apache/2.5.12 > ( http://www.modsecurity.org/ ) configured. > [Sun Aug 22 11:26:18 2010... Read article

    Relevance
     
    Find useful? Yes
  •  

    suburbanchicagophp.org Suburban Chicago PHP » Blog Archive » Massive SQL injection attack

    Edit: modsecurity.org has the query string used in this attack, and information on how the mod_security Apache module can filter out attacks like this. Categories Read article

    Relevance
     
    Find useful? Yes
  •  

    xux.in Rhel | xUx's Blog

    If you noticed, the last line we added (Include conf/modsecurity/*.conf) makes reference to the default rules mod_security includes in another file modsecurity-core-rules_2.5-1.6.0.tar.gz cd /usr/local/src wget http://www.modsecurity.org/download/modsecurity-core-rules_2.5-1.6.0.tar.gz mkdir /etc... Read article

    Relevance
     
    Find useful? Yes
  •  

    linode.com Linode Forum :: View topic - Brute force attack

    Senior Member Posts: 92 Location: VA modsecurity ( http://www.modsecurity.org/ ) will help in keeping the webserver from even processing these requests. I agree with fos though...this happens rather often (although I typically don't see 1200 requests in one attack session, though...usually its ju... Read article

    Relevance
     
    Find useful? Yes
  •  

    myitforum.com SANS Internet Storm Center - Mass exploits with SQL Injection - Chris Mosby at myITforum.com

    The attack with the uc8010.com site was practically the same with a bit better SQL – Ryan Barnett posted an example of this attack at http://www.modsecurity.org/blog/ As some people noticed, almost all affected web sites are running IIS and MS SQL server. This makes sense since the SQL statement ... Read article

    Relevance
     
    Find useful? Yes
  •  

    web2secure.com Web2Secure: Web Security Blog: June 2011

    Modsecurity - SQL Injection Challenge Acrobat Memory Corruption Denial of Service (DoS) Exploit - CVE-2011-2105 Beware shortcuts for getting more followers on Twitter Web2Secure: Web Security Blog McAfee WhitePaper - The New Reality of Stealth Crimeware [PDF] Malware campaign uses direct injectio... Read article

    Relevance
     
    Find useful? Yes
  •  

    purehacking.com ModSecurity SVM Bypass Charity Challenge | Pure Hacking

    I am happy to announce the ModSecurity SVM Bypass Charity Challenge. This is a SQL Injection, XSS and Path Traversal Filter Evasion Challenge. Similar to the Trustwave ModSecurity SQLi Challenge, I setup ModSecurity to proxy to the following four commercial vulnerability scanner demo sites: ModSe... Read article

    Relevance
     
    Find useful? Yes
  •  

    techiecorner.com Mod Security – Open source Web Application Firewall - Techie Corner

    What is mod security (mod_security)? ModSecurity is an embeddable web application firewall. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure. It is also an open source p... Read article

    linux
    Relevance
     
    Find useful? Yes
  •  

    packages.debian.org Debian -- Details of package libapache-mod-security in wheezy

    Download Source Package modsecurity-apache : Links for libapache-mod-security Package: libapache-mod-security (2.6.6-6+deb7u2) Other Packages Related to libapache-mod-security Download libapache-mod-security Dummy transitional package Dummy transitional package Read article

    Relevance
     
    Find useful? Yes
  •  

    tmdhosting.com Achieving military-grade security is possible in shared hosting environment!

    By default ModSecurity is released in two major distributions: As standalone Firewall – Usually this distribution is used when the web service running on the server does not support the dynamic load of modules such as the Nginx web service. In that case ModSecurity can be compiled with the source... Read article

    Relevance
     
    Find useful? Yes
  •  

    support.cloudflare.com Will the WAF protect against XSS and SQL Injection attacks? – CloudFlare Support

    Damon November 19, 2013 22:32 Yes. The CloudFlare WAF protects against XSS and SQL injection attacks, as well as comment spam. CloudFlare includes the ModSecurity and the OWASP Top 10 vulnerabilities by default. If you are on the Business or Enterprise plan , you can also write your own rule sets... Read article

    Relevance
     
    Find useful? Yes
  •  

    abuse.ch Malware With Bruteforce Capabilities « abuse.ch

    Another possibility to prevent automated brute-force attacks is to rename the PHP file that is responsible for the WordPress authentication (wp-login.php) to something specific that only you know (eg. nigol-pw.php). Since the HTTP POST request issued by this malware family is poorly crafted, you ... Read article

    Relevance
     
    Find useful? Yes
  •  

    gnucitizen.org GNUCITIZEN » Application Layer Anti-virus/Firewall

    While it is true that ModSecurity is better equipped to protect the server-side this is only the current situation. Improving support for forward-proxy deployments in on my TODO list. FYI, I have already experimented with content injection in ModSecurity (i.e. a server-side Greasemonkey). This fe... Read article

    Relevance
     
    Find useful? Yes

Twitter about modsecurity.org

Facebook about modsecurity.org

Get weekly email alerts

Follow modsecurity.org

Get every new review delivered to your Inbox.