freshmeat.net: Project details for ModSecurity

18:47 UTC

[Project]

ModSecurity 1.9RC1 (Development)

Section: Unix

Added: Fri, Nov 22nd 2002 13:44 UTC (5 years, 10 months ago)

Updated: Tue, Sep 30th 2008 18:15 UTC (13 days ago)

About:
ModSecurity is an intrusion detection and prevention engine for Web applications (sometimes called a Web application firewall). Operating embedded or as part of an Apache reverse proxy, it increases Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure. It monitors HTTP traffic (including POST payloads), detects or prevents attacks, enhances logging, performs anti-evasion, and allows administrators to create custom rules to suit their specific needs. It excels in HTTP traffic monitoring and just-in-time vulnerability patching.

Release focus: Minor bugfixes

Changes:
A new SecFilterSignatureAction directive was added to allow for the separation of policy and rule metadata. It allows rules that have custom action lists to use the list defined with this directive as a template. Improvements were made to the multipart parser, which is now more robust and more strict in what it accepts. Several bugs were fixed. Code clean-ups were made and a new regression testing tool was added.

Author:
Ivan Ristic [contact developer]

Homepage:
http://www.modsecurity.org/

Trove categories: [change]
[Development Status] 5 - Production/Stable
[Intended Audience] Developers, System Administrators
[License] OSI Approved :: GNU General Public License v2
[Operating System] OS Independent
[Programming Language] C
[Topic] Internet :: WWW/HTTP, Internet :: WWW/HTTP :: HTTP Servers

Dependencies: [change]
No dependencies filed

Project admins: [change]
» Ivan Ristic (Owner)
» Brian Rectanus (Admin)

» Rating: 8.54/10.00 (Rank N/A)
» Vitality: 3.03% (Rank 175)
» Popularity: 6.22% (Rank 498)

(click to enlarge graphs)

   Record hits: 49,678
   URL hits: 14,572
   Subscribers: 227

Projects depending on this project:
Apache httpd tools
ModSecurity Console

Other projects from the same categories:
Tenon iTools
Turck MMCache for PHP
Travian Bot
XOAD
HawksleyClock

Users who subscribed to this project also subscribed to:
Ark Linux
Adanaxis
TDFSB
ProjectBench
Simple Backup

Add comment · Rate this project · Subscribe to new releases · Ignore this project · Email this project to a friend · Project record in XML

Branches

Branch Version Last release License URLs

Stable
Releases ready for production use. 2.5.7 30-Sep-2008 GNU General Public License v2

Development
Releases for those who want to test new features early. 2.5.7-rc1 18-Sep-2008 GNU General Public License v2

Releases

Version Focus Date

2.5.7-rc1 Minor bugfixes 18-Sep-2008 17:23

2.5.0-rc4 N/A 15-Feb-2008 07:55

2.1.6-rc1 Minor bugfixes 13-Feb-2008 18:55

2.5.0-rc3 Minor bugfixes 13-Feb-2008 18:55

2.5.0-rc2 Major feature enhancements 30-Jan-2008 21:13

2.1.0-rc7 Major feature enhancements 05-Feb-2007 16:27

2.0.0-rc-2 Minor bugfixes 27-Jun-2006 12:08

2.0.0-beta-3 Major feature enhancements 23-May-2006 13:20

2.0.0-dev1 Major feature enhancements 09-Mar-2006 12:22

1.9.2-rc2 Major feature enhancements 21-Dec-2005 15:50

Comments

[»] A Required Apache Module
by MuppetMania - Feb 26th 2004 20:01:43

I'm using this on a number of sites and I recommend anyone else worried about security do the same.

It's got an easy to understand configuration file, it's easy to install and it works exactly as advertised. I've seen a number of hack attempts blocked by this module. I'm running a number of PostNuke sites and I feel more at ease doing so, knowing that a number of the usual exploits of these sites can be blocked with the use of modsecurity.

The author is also very fast to respond to any requests for help and offered me great advice and help with the inital problems I faced (Not reading the manually properly...)

Tim

--
Beer Beer Beer. Drink Some, It's Tasty, Beer.

[reply] [top]