
Web Intrusion Detection And Prevention

ModSecurity at work

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates as an Apache Web server module, and its purpose is to increase web application security, protecting web applications from known and unknown attacks.

Status: The current stable version is 1.8.4.

ModSecurity is dual licenced. It is freely available for general use under the GNU General Public Licence. Alternatively, it is available under a licence suitable for distribution in closed-source commercial systems.

News and updates

29.7.2004 - mod_security 1.8.4
This is a maintenance release, which fixes the minor problems found in v1.8.3.

7.7.2004 - mod_security 1.8.3
This is a maintenance release, which fixes the minor problems found in previous versions.

22.6.2004 - mod_security 1.8.2
This is a maintenance release, which fixes all the known issues in 1.8.

15.6.2004 - mod_security 1.8
After more than six months of development, resulting in a 40% larger code base, a stable version of the 1.8 branch is available.

11.6.2004 - mod_security 1.8RC2
The second release candidate fixes a few small bugs and greatly enhances the way events are logged into the error log.

26.5.2004 - mod_security 1.8RC1
A step closer to a stable release, 1.8RC1 includes many small improvements and fixes, and compiles under Windows and Netware. Users are encouraged to test this version and prepare for the final 1.8 release.

12.5.2004 - Announcement: Apache Security, the book
I am happy to announce I have been commissioned to write Apache Security for O'Reilly. This book will be one comprehensive resource for all Apache security-related matters, covering traditional administration and web application security at the same time. All the information you need to maintain a solid and secure Apache installation will be provided in one package. The book is scheduled for release in late 2004.


ModSecurity/Java is an implementation of the ModSecurity concepts for Java Web servers. A prototype implementation is available for download.

The purpose of this release is to gauge the interest for the full version of ModSecurity for Java Web servers. Therefore if you like it, want it, and otherwise think of it as a very good idea - be sure to let me know.


Introducing mod_security
Running public web applications may seem like playing Russian roulette. Although achieving robust security on the Web is possible in theory, there's always a weak link in real life. It only takes one slip of the code to allow attackers unrestricted access to your data.

Web Security Appliance with Apache and mod_security
As more and more attacks are being carried out over the HTTP layer there is a growing need to push the envelope and bring Web security to new levels. This article will demonstrate how you can build your own application gateway with little effort, using open source components that are widely available.

Rule database

The rule database is a searchable collection of ModSecurity rules, cross-referenced by products and vulnerabilities. Available now, this facility enables software developers and system administrators to share rules and achieve a much greater level of protection.

Web Security Blog

Copyright © 2002-2004 Ivan Ristic