ModSecurity is an open-source web-based firewall application (or WAF) supported by different web servers: Apache, Nginx, and IIS. With over 70% of all attacks now carried out over the web application level, organizations need every help they can get in making their systems secure.
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. Web application firewalls are deployed to establish an external security layer that increases the protection level, detects, and prevents attacks before they reach web-based software programs.
It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging, and real-time analysis. ModSecurity commonly installed in conjunction with Apache, an open source web server. The benefits of using mod_security are numerous and encompass defense from many kinds of web-based attack including code injection and brute force attacks.
The module is configured to protect web applications from various attacks. ModSecurity supports flexible rule engine to perform both simple and complex operations. It can potentially block common code injection attacks which strengthens the security of the server. It comes with a Core Rule Set (CRS) which has various rules for cross website scripting, bad user agents, SQL injection, trojans, session hijacking, and other exploits.
Monday, July 28, 2014