ModSecurity

Original author(s): Ivan Ristić
Developer(s): OWASP, formerly Trustwave SpiderLabs
Initial release: November 2002; 21 years ago
Stable release: 3.0.12[1] / 30 January 2024; 7 months ago
Repository
Written in: C++ (3.x), C (2.x)
Available in: English
License: Apache License 2.0
Website: https://owasp.org/www-project-modsecurity/

ModSecurity, sometimes called Modsec, is an open-source web application firewall (WAF). Originally designed as a module for the Apache HTTP Server, it has evolved to provide an array of Hypertext Transfer Protocol (HTTP) request and response filtering capabilities, along with other security features, across a number of different platforms including Apache HTTP Server,[2][3] Microsoft IIS and Nginx.[4] It is free software released under the Apache License 2.0.

The platform provides a rule configuration language known as 'SecRules' for real-time monitoring, logging, and filtering of HTTP communications based on user-defined rules.

Although not its only configuration, ModSecurity is most commonly deployed to provide protections against generic classes of vulnerabilities using the OWASP ModSecurity Core Rule Set (CRS).[5] This is an open-source set of rules written in ModSecurity's SecRules language. The project is part of OWASP, the Open Web Application Security Project. Several other rule sets are also available.

To detect threats, the ModSecurity engine is deployed either embedded within the web server or as a proxy server in front of a web application. This allows the engine to scan incoming and outgoing HTTP communications to the endpoint. Depending on the rule configuration, the engine decides how each communication should be handled: it can pass it, drop it, redirect it, return a given status code, execute a script, and more.
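
The handling options described above, written as SecRules directives. This is an added example, not taken from the article, the ModSecurity project or the CRS; the rule ids, paths, match strings and redirect URL are constructed for illustration.

```apache
# Added illustration; rule ids, paths, patterns and URL are constructed.

# Enforce rule actions. "DetectionOnly" would log matches without acting.
SecRuleEngine On
# Let rules see request bodies (POST arguments) and response bodies.
SecRequestBodyAccess On
SecResponseBodyAccess On

# pass: log the match and let the transaction continue.
# The leading "&" counts occurrences, so this fires when the header is absent.
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \
    "id:100001,phase:1,pass,log,msg:'Request without a User-Agent header'"

# deny + status: stop the request and return a chosen status code.
SecRule REQUEST_METHOD "!@within GET HEAD POST" \
    "id:100002,phase:1,deny,status:405,log,msg:'HTTP method not allowed'"

# redirect: send the client to another location.
SecRule REQUEST_URI "@beginsWith /old-admin" \
    "id:100003,phase:1,redirect:https://www.example.com/retired,log,msg:'Retired path requested'"

# drop: close the connection instead of sending a response.
SecRule ARGS "@detectSQLi" \
    "id:100004,phase:2,drop,log,msg:'SQL injection pattern in request argument'"

# Outgoing filtering (phase 4 = response body): block a response that
# would expose an application error message to the client.
SecRule RESPONSE_BODY "@contains Fatal error:" \
    "id:100005,phase:4,deny,status:500,log,msg:'Application error leaked in response'"
```

Phases 1 and 2 run on the incoming request (headers, then body) and phase 4 on the outgoing response body, which is how one rule file covers both directions of traffic.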

  1. 30 January 2024. https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v3.0.12.
  2. "How to secure your Apache 2 server in four steps". Techrepublic.com. 18 November 2016. Retrieved 7 January 2018.
  3. Shah, Shreeraj. "Securing Web Services with mod_security - O'Reilly Media". Onlamp.com. Archived from the original on 7 January 2018. Retrieved 7 January 2018.
  4. Lardinois, Frederic (23 August 2016). "NGINX Plus's latest release puts the focus on security". Techcrunch.com. Retrieved 7 January 2018.
  5. "OWASP ModSecurity Core Rule Set – The 1st Line of Defense Against Web Application Attacks". Coreruleset.org. Retrieved 7 January 2018.