ModSecurity is an awesome multi-purpose, open source, cross-platform web application firewall (WAF). The firewall lets web application defenders gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.
ModSecurity provides powerful, customizable protection for web applications and websites. There are more than 10,000 deployments of ModSecurity. With good reason, i’s our gold award winner for web application firewalls.
With excellent real-time web application monitoring, logging, and access control, the software gives the system administrator the visibility they need to help sleep peacefully at night.
Key Features
- Powerful and flexible with a solid rule language.
- Real-time application security monitoring and access control. It uses full request and response buffering.
- Full HTTP traffic logging – log raw transaction data with the flexibility of deciding which transactions are logged.
- Continuous passive security assessment – a variation of real-time monitoring.
- Web application hardening – attack surface reduction letting you narrow down the HTTP features you accept.
- Virtual patching – fix issues without having to modify the web applications.
- Two deployment options: embedded and reverse proxy deployment. ModSecurity is an Apache module, so it can be added to any compatible version of Apache. In this mode, ModSecurity runs inside the webserver process.
- Passive – it doesn’t interact with a transaction unless it’s instructed to.
- Support for Lua.
- Logs include:
- Debug log;
- Serial and concurrent audit logs;
- Remote logging with mlogc (ModSecurity Log Collector);
- File upload interception;
- Guardian log.
- libModSecurity is fully compatible with OWASP CRS and Trustwave Commercial rules.
- Data persistence
- Support for anomaly scoring and basic event correlation.
- Support for web applications and session IDs.
- XML support (parsing, validation, XPath).
- Version 3 doesn’t depend on Apache nor Apache Runtime.
Website: www.modsecurity.org
Support: GitHub Code Repository, FAQ, ModSecurity Handbook: Getting Started 2ed Online
Developer: Trustwave’s SpiderLabs Team
License: Apache License 2.0
ModSecurity is written in C++. Learn C++ with our recommended free books and free tutorials.
Related Software
| Web Application Firewalls | |
|---|---|
| ModSecurity | Web Application Firewall Engine for Apache, IIS and Nginx |
| BunkerWeb | Next-generation Web Application Firewall |
| NAXSI | Nginx Anti XSS & SQL Injection |
| Coraza | Enterprise grade, Golang port of ModSecurity |
| open-appsec | Automatic web application and API security using machine learning |
| lua-resty-waf | High Performance WAF Built on the OpenResty Stack |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Know a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |