WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

ModSecurity 1.9 FINAL has been released

From: Ivan Ristic <ivanr () webkreator com>
Date: Tue, 15 Nov 2005 18:24:47 +0000

ModSecurity 1.9 FINAL has been released. It is available for
immediate download from:

    http://www.modsecurity.org/download/

After more than a year in development, ModSecurity 1.9 introduces
a number of changes that further increase usefulness of this
web application security tool.


Changes (since 1.8)
-------------------

Major enhancements include:

* A brand new audit logging subsystem aimed at supporting
  real time aggregation of the forensic logs. It is now possible
  to fine-tune forensic logging and even log complete responses.

* Significant rule engine enhancements that increase flexibility,
  introduce meta-data facilities, and allow for safe inclusion of
  third-party produced rule databases.

* A new stateful request monitoring mechanism, which includes
  tools for defence against Denial of Service attacks.

* Many smaller improvements throughout, including: performance
  measurement, ten new actions, seventeen new variables,
  output status filtering, performance improvements, support for
  methods other than GET and POST, ClamAV integration, and so on.

For a list with more details please visit:
http://www.modsecurity.org/blog/archives/2005/09/whats_new_in_mo.html


About ModSecurity
-----------------
ModSecurity is a web application firewall designed to protect
vulnerable applications and reject manual and automated attacks.
It is an open source intrusion detection and prevention system. It
can work embedded in Apache, or as a standalone security device when
configured to work as part of an Apache-based reverse proxy.

Optionally, ModSecurity creates application audit logs, which contain
the full request body in addition to all other details. Requests are
filtered using regular expressions. Some of the things possible are:

  * Apply filters against any part of the request (URI,
    headers, either GET or POST)
  * Apply filters against individual parameters
  * Reject SQL injection attacks
  * Reject Cross site scripting attacks
  * Store the files uploaded through the web server, and have them
    checked by external scripts

With a few general rules ModSecurity can protect from both known
and unknown vulnerabilities. It excels as a tool for HTTP traffic
monitoring and just-in-time patching.

ModSecurity is dual-licensed. It can be used at no cost under the
terms of GPL v2. Support and commercial licences (for end-users
and OEM distributors) can be obtained from Thinking Stone
(http://www.thinkingstone.com).

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org
Previous By Date Next
Previous By Thread Next

Current thread: