Hack In The Box: Better Living Through ModSecurity

"We've all heard of web application level firewalls, and they're certainly not something new, with several good commercial offerings available for quite some time. Most of these products will offer some kind of web based administration and reporting facilities to allow simple and straight forward management.

"On the open source end of the scale we have a project named ModSecurity. According to the Mod Security website, ModSecurity is an open source intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks..."

Complete Story

Related Stories:

• SearchEnterpriseLinux: Mainstream Means More Malicious Code for Linux(Mar 17, 2004)
• Sitepoint: Configure Web Logs in Apache(Feb 26, 2004)
• OSNews: A Customer-Driven Approach to Open Software: "Community Code"(Feb 19, 2004)
• developerWorks: Prevent a Cross-Site Scripting Attack(Feb 09, 2004)