Home

ModSecurity is an open source, cross platform web application firewall (WAF) engine donated to OWASP in 2024. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Securing tens of millions of domains, ModSecurity is the most widely deployed WAF engine in existence.

The WIKI has been transferred from Trustwave to OWASP ModSecurity together with the code repo. It is partially outdated and will have to be overhauled. In the meantime, read with caution.

• Frequently Asked Questions TO BE REVIEWED OR ARCHIVED
• Getting Help TO BE REVIEWED OR ARCHIVED

📚 Documentation

ModSecurity version 3 / libModSecurity version 3

• Installation from source
• Reference Manual v3.x

ModSecurity version 2

• Reference Manual v2.x (Some people experience difficulty with the rendering for this version of the document)
• Reference Manual v2.x (Split)
• Windows Troubleshooting

🚢 Development

• Milestones
• Debugging
• Distribution specific packaging

---

ModSecurity 3

• Motivations & Goals (Blog Post)
• Overview of Changes

Components

• libModSecurity
• Nginx Connector
• Apache Connector
• Pcap Connector
• Python Bindings

Wiki Archive

These are legacy pages, that are kept around for future reference.

• Log Data Format TO BE ARCHIVED
• Tools TO BE ARCHIVED
• Development Roadmap TO BE ARCHIVED
• Ideas Google Summer of Code 2016 TO BE ARCHIVED