Home

ModSecurity is an open source, cross platform web application firewall (WAF) developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

• Frequently Asked Questions
• Getting Help

📚 Documentation

• Installation from source
• Reference Manual

• Introduction
• Rule Sets (OWASP Core)
• Installation Apache
• Configuration Apache
• Installation Nginx
• Configuration Nginx
• Installation IIS
• Configuration Reference
• Recommended Base Configuration

• Log Data Format
• Tools
• Windows Troubleshooting

🚢 Development

• Roadmap
• Milestones
• Debugging
• Distribution specific packaging
• Ideas Google Summer of Code 2016

---

ModSecurity 3

• Motivations & Goals (Blog Post)
• Overview of Changes

Components

• libModSecurity
• Nginx Connector
• Apache Connector
• Pcap Connector
• Python Bindings