WebApp Sec mailing list archives
[ANNOUNCEMENT] mod_security 1.4 released
From: Ivan Ristic <ivanr () webkreator com>
Date: Mon, 27 Jan 2003 19:03:33 +0000
Mod_security 1.4 has been released. It is immediately available for download from: http://www.webkreator.com/mod_security/download/ This is a major release, adding a lot of new features. About mod_security ------------------ Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Requests are filtered using regular expressions. Some of the things possible are: * Apply filters against any part of the request (URI, headers, either GET or POST) * Apply filters against individual parameters * Reject SQL injection attacks * Reject Cross site scripting attacks Changes ------- This release adds major improvements (the size of the source code grew by 60%), including improved logging (Apache error log, separate debug log, and audit log), two new response actions (execute external program and redirect to a custom URL), new features for selective filtering (variable names and variable values), a regression testing utility and tests, and several bugfixes. Bye, Ivan Ristic
Current thread:
- [ANNOUNCEMENT] mod_security 1.4 released Ivan Ristic (Jan 27)