Hack In The Box: Better Living Through ModSecurity
Apr 08, 2004, 07:00 (0 Talkback[s])
(Other stories by Dhillon A. K.)
"We've all heard of web application level firewalls, and they're
certainly not something new, with several good commercial offerings
available for quite some time. Most of these products will offer
some kind of web based administration and reporting facilities to
allow simple and straight forward management.
"On the open source end of the scale we have a project named
ModSecurity. According to the Mod Security website, ModSecurity is
an open source intrusion detection and prevention engine for web
applications. Operating as an Apache Web server module, the purpose
of ModSecurity is to increase web application security, protecting
web applications from known and unknown attacks..."