ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
Перейти к файлу
Marc Stern 7246998f09
Adds option to disable logging of stopwatches in audit log.
2017-05-02 17:11:58 -03:00
alp2 Organizes all Makefile.am 2013-12-13 09:44:51 -08:00
apache2 Adds option to disable logging of stopwatches in audit log. 2017-05-02 17:11:58 -03:00
build configure: Fix detection whether libcurl is linked against gnutls 2016-06-14 13:48:01 -03:00
doc Adds doxygen configuration files 2014-11-14 11:53:39 -08:00
ext Adds ssdeep support in our build system 2014-11-14 11:53:39 -08:00
iis Fixed IPv4+Port address parsing 2016-10-04 13:23:46 -03:00
mlogc Allow user to choose between TLS versions(TLSProtocol option introduced). 2016-01-06 15:00:08 -03:00
nginx Fix building with nginx >= 1.11.11 2017-04-03 16:19:15 -03:00
standalone Refactoring conditional directives for if wrappers, alternative if statements and incomplete if conditions. 2016-01-05 08:18:44 -03:00
tests Allow mod_proxy's "nocanon" behavior to be specified in proxy actions. 2016-01-06 08:23:52 -03:00
tools Updates to parse_modsec.pl 2016-01-29 11:59:52 -03:00
CHANGES Adds option to disable logging of stopwatches in audit log. 2017-05-02 17:11:58 -03:00
LICENSE Updated Licensing information to reflect year 2016-01-11 10:09:41 -05:00
Makefile.am tests: adds test-regression-nginx to the makefile 2014-01-03 09:26:30 -08:00
NOTICE Updated copyright dates 2013-04-19 03:20:46 -04:00
README.TXT Fixed broken link in readme #1059 2016-02-01 11:16:13 -05:00
README_WINDOWS.TXT Author at README_WINDOWS 2011-04-12 14:30:59 +00:00
authors.txt add breno user to authors file 2010-10-14 16:23:45 +00:00
autogen.sh macos: Using glibtoolize instead of libtoolize 2013-12-12 14:53:49 -08:00
configure.ac Adds option to disable logging of stopwatches in audit log. 2017-05-02 17:11:58 -03:00
modsecurity.conf-recommended add support for soap+xml 2017-04-06 09:34:54 -03:00
stamp-h1 Fix autoconf header and include path so trunk builds. 2010-08-31 18:35:55 +00:00
unicode.mapping Cleanup unicode map file 2011-06-02 19:25:56 +00:00

README.TXT

Этот файл содержит невидимые символы Юникода!

Этот файл содержит невидимые символы Юникода, которые могут быть отображены не так, как показано ниже. Если это намеренно, можете спокойно проигнорировать это предупреждение. Используйте кнопку Экранировать, чтобы показать скрытые символы.

ModSecurity for Apache 2.x, http://www.modsecurity.org/
Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)

You may not use this file except in compliance with
the License.  You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

If any of the files related to licensing are missing or if you have any
other questions related to licensing please contact Trustwave Holdings, Inc.
directly using the email address security@modsecurity.org.


DOCUMENTATION

Please refer to the documentation folder (/doc) for
the reference manual.


##############################################
----------------------------------
OWASP ModSecurity Core Rule Set (CRS)


Project Site:
https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project


Download:
https://github.com/SpiderLabs/owasp-modsecurity-crs

----------------------------------

ModSecurity™ is a web application firewall engine that provides very
little protection on its own. In order to become useful, ModSecurity™ must
be configured with rules. In order to enable users to take full advantage
of ModSecurity™ out of the box, Trustwave's SpiderLabs is providing a free
certified rule set for ModSecurity™ 2.x. Unlike intrusion detection and
prevention systems, which rely on signatures specific to known
vulnerabilities, the Core Rules provide generic protection from unknown
vulnerabilities often found in web applications, which are in most cases
custom coded. The Core Rules are heavily commented to allow it to be used
as a step-by-step deployment guide for ModSecurity™.
Core Rules Content

In order to provide generic web applications protection, the Core Rules
use the following techniques:

* HTTP Protection - detecting violations of the HTTP protocol and a
locally defined usage policy.
* Real-time Blacklist Lookups - utilizes 3rd Party IP Reputation
* Web-based Malware Detection - identifies malicious web content by check
against the Google Safe Browsing API.
* HTTP Denial of Service Protections - defense against HTTP Flooding and
Slow HTTP DoS Attacks.
* Common Web Attacks Protection - detecting common web application
security attack.
* Automation Detection - Detecting bots, crawlers, scanners and other
surface malicious activity.
* Integration with AV Scanning for File Uploads - detects malicious files
uploaded through the web application.
* Tracking Sensitive Data - Tracks Credit Card usage and blocks leakages.
* Trojan Protection - Detecting access to Trojans horses.
* Identification of Application Defects - alerts on application
misconfigurations.
* Error Detection and Hiding - Disguising error messages sent by the
server.


----------------------------------
ModSecurity Rules from Trustwave SpiderLabs

Project Site:
https://www.trustwave.com/modsecurity-rules-support.php

Download:
https://ssl.trustwave.com/web-application-firewall

----------------------------------



Trustwave now provides a commercial certified rule set for ModSecurity 2.x
that protects against known attacks that target vulnerabilities in public
software and are based on intelligence gathered from real-world
investigations, honeypot data and research.

1. More than 16,000 specific rules, broken out into the following attack
categories:
 * SQL injection
 * Cross-site Scripting (XSS)
 * Local File Include
 * Remote File Include

2. User option for application specific rules, covering the same
vulnerability classes for applications such as:
 * WordPress
 * cPanel
 * osCommerce
 * Joomla
 * For a complete listing of application coverage, please refer to this
link (which is updated daily).
https://modsecurity.org/application_coverage.html

3. Complements and integrates with the OWASP Core Rule Set
4. IP Reputation capabilities which provide protection against malicious
clients identified by the Trustwave SpiderLabs Distributed Web Honeypots
5. Malware Detection capabilities which prevent your web site from
distributing malicious code to clients.
##############################################