Mod Security is an open-source web-based firewall application (or WAF) supported by different web servers: Apache, Nginx and IIS. Mod Security’s Open Source availability has resulted in it becoming one of the world’s most popular Web application firewalls and this application layer firewall is developed by Trustwave’s SpiderLabs and released under Apache License 2.0. Mod … Read more
No matter how well a web server is configured, it is useless if it’s not properly secured. It’s a famous saying, ‘a chain is as strong as its weakest link’. As a system admin you have to address all vulnerabilities of your server. Since one single untreated vulnerability will be exploited by an attacker and … Read more
ModSecurity SecRemoteRules directive allows the user to load rules from a remote server. Requirements Internet connection ModSecurity at least 2.9.x How SecRemoteRules Works 1. When HTTP daemon starts, it loads the configuration files. 2. Configuration files have the SecRemoteRules directive, which tries to connect the Remote Server load rules. 3. When the connection is created … Read more
Introduction ModSecurity is an open-source Web Application Firewall (WAF) for Apache, Nginx and IIS web server. This application layer firewall is developed by Trustwave’s SpiderLabs and released under Apache License 2.0. ModSecurity protects websites from hackers by using a set of regular expression rules to filter out commonly known exploits, it allows HTTP traffic monitoring, … Read more