logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



ModSecurity 1.9.2 has been released

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Tue 17 Jan '06 18:39    Post subject: ModSecurity 1.9.2 has been released Reply with quote

The Win32 binary is available for immediate download from: www.apachelounge.com/download/

ModSecurity 1.9.2 is primarily a bug-fix release, but it includes a few interesting new features. Some concurrent audit logging improvements. New proof-of-concept script for real-time audit log centralisation. Many smaller bug fixes and improvements throughout.


About ModSecurity
-------------------
ModSecurity is a web application firewall designed to protect vulnerable applications and reject manual and automated attacks. It is an open source intrusion detection and prevention system. It can work embedded in Apache, or as a standalone security device when configured to work as part of an Apache-based reverse proxy.

Optionally, ModSecurity creates application audit logs, which contain the full request body in addition to all other details. Requests are filtered using regular expressions. Some of the things possible are:

* Apply filters against any part of the request(URI,headers, either GET or POST)
* Apply filters against individual parameters
* Reject SQL injection attacks
* Reject Cross site scripting attacks
* Store the files uploaded through the web server, and have them checked by external scripts

With a few general rules ModSecurity can protect from both known and unknown vulnerabilities. It excels as a tool for HTTP traffic monitoring and just-in-time patching.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1