News and Updates
Trustwave Acquires Breach Security
(June 22, 2010)
Trustwave has acquired Breach Security, the company behind ModSecurity. Please see the press release for more information.
ModSecurity v2.5.12
(Feb 4, 2010)
ModSecurity v2.5.12 (change log) has been released.
This release fixes several important issues to help prevent a detection
bypass and denial of service attacks against ModSecurity. Many thanks
to the Sogeti/ESEC R&D team for sending us the results of their code
review. In addition, this release fixes quite a few small but notable
bugs and includes the latest Core Ruleset (v2.0.5).
ModSecurity v2.5.11
(Nov 6, 2009)
ModSecurity v2.5.11 (change log) has been released.
This release fixes a multipart parsing issue that has the potential to
allow bypassing the rules engine. This bypass can be avoided via some
simple rules, however. Other changes include a rules update (CRS 2.0.3)
and some minor cleanup in build, mlogc, persistence and the output
filter ordering.
ModSecurity v2.5.10
(Sep 24, 2009)
ModSecurity v2.5.10 (change log) has been released.
This release fixes a number of small issues. Notable issues that have been
fixed are a cleaner build process, fixes to mlogc to build on Windows and
allow more reliable SSL neg. to the console, less verbose logging when using
anomaly scoring with CRS v2.x and a feature to allow easier use with Apache
mpm-itk.
Books from the ModSecurity Contributors
ModSecurity Handbook is
"The definitive guide to the popular open source web application firewall",
written by Ivan Ristic (original author of ModSecurity). The book is available from Feisty Duck in hardcopy or with immediate access to the digital version which is continually updated.
Apache Security is a comprehensive Apache Security resource, written by Ivan Ristic
for O'Reilly. Two chapters (Apache Installation and Configuration and PHP) are available as free
download, as are the Apache security tools created for the book.
Preventing Web Attacks with Apache. Building on his groundbreaking SANS presentations on Apache security, Ryan C. Barnett reveals why your Web servers represent such a compelling target, how significant exploits are performed, and how they can be defended against.
|
What Is ModSecurity?
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy.
It provides protection from a range of attacks against web applications and allows for HTTP
traffic monitoring, logging and real-time analysis.
It is also an open source project that aims to make the web application firewall
technology available to everyone.
Support/Mailing lists
Community support is available on the
mod-security-users/lists.sourceforge.net mailing list. You must
subscribe first (by clicking here)
in order to post. The list archives are available as
News (NNTP),
Threaded HTTP,
Bloggy HTTP,
and RSS.
Commercial support and appliances based on ModSecurity can be
obtained from Breach Security.
Getting Started
External Links
ModSecurity 2.0 with Ivan Ristic
ModSecurity is an open source web application firewall that runs as an Apache module, and version 2.0 offers many new features and improvements. Federico Biancuzzi interviewed Ivan Ristic to discuss the new logging system, events tracking and correlation, filtering AJAX or AFLAX applications, and just-in-time patching for closed source applications.
Web Application Firewalls Primer
Introduction to Web Application Firewalls, published in INSECURE Magazine 1.5.
Talks
Our talks are available for download following the links below:
|
