Download

Stable releases

ModSecurity is an open source product licensed under GPLv2 with a licensing exception (as of version 2.5.6) for linking and distribution with other Free/Libre and Open Source Software. It comes with full source code and documentation. Older releases are signed by Ivan Ristic. Newer releases are signed by Brian Rectanus. These public keys are available via most PGP key server mirrors.

NOTE: Direct downloads are now handled by the SourceForge.net project page. More downloads are available there than listed on this page.

• modsecurity-apache_2.5.9.tar.gz (bundles Core Rules 1.6.1) (PGP MD5)
  
• modsecurity-core-rules_2.5-1.6.1.tar.gz

Community-Produced Binary packages

There are no binary packages on modsecurity.org. Below is a list of third-party sites that sometimes have an up-to-date binary version of ModSecurity:

• RHEL/CentOS Yum Repository (Jason Litka)
  http://www.jasonlitka.com/yum-repository/
  
• Debian (Alberto Gonzalez Iniesta):
  http://etc.inittab.org/~agi/debian/libapache-mod-security2/
  
• Fedora Core (Michael Fleming):
  http://fedoraproject.org/wiki/EPEL
• FreeBSD (Alex Dupre):
  http://www.freebsd.org/cgi/ports.cgi?query=mod_security&stype=all
• Gentoo:
  http://www.gentoo-portage.com/www-apache/mod_security
• Apache 2.x on Windows (Steffen):
  http://www.apachelounge.com/
• HP-UX (Internet Express):
  http://h20338.www2.hp.com/hpux11i/cache/324414-0-0-0-121.html
• Netware, Windows (Guenter Knauf):
  http://www.gknw.at/development/apache/