
Mod Security Web Application Firewall (WAF)

ModSecurity is a plug-in module for the Apache web server that filters incoming requests on a per-request basis.
By enabling some of these filters it is possible to prevent exploitation of known vulnerabilities as well as new, unpublished ones.
ModSecurity also supports signature-based rules, which allow you to write your own custom signatures. Ivan Ristic, the author of
ModSecurity, has written a very good book (click here to read my review) about some of the security features of the Apache web server and ModSecurity, entitled
'Apache Security', published by O'Reilly. Additional
information on Web Application Firewalls can be found on our What is a Web Application Firewall FAQ page.

Downloads
The ModSecurity Homepage (http://www.modsecurity.org)
Primary Download Page (http://www.modsecurity.org/download/index.html)

Resources by Ivan Ristic (ModSecurity’s Author)
The Mod_Security Blog
modsecurity rules database
Web Security Appliance With Apache and mod_security, By Ivan Ristic 2003
Introducing mod_security, By Ivan Ristic 2003

Mod_Security Mailing Lists
mod-security-announce Mailing List
mod-security-users Mailing List

Tools and Add-ons
mod_security rule generator (Third party)
A third party rule generator.

Third Party Articles
Defending Web Services using Mod Security (Apache): Methodology and Filtering Techniques, Shreeraj Shah
Intrusion detection and prevention for Apache with mod-security, 2004
Better Living Through Mod Security, 2004