In this article, we are discussing about ModSecurity v3.0 and will show you how to install ModSecurity v3.0 for the Nginx web server. If you are new to ModSecurity, start by reading our article: What is ModSecurity, and why do we need it? First we can look what’s new in ModSecurity 3.0 Redesigned to work … Read more
No matter how well a web server is configured, it is useless if it’s not properly secured. It’s a famous saying, ‘a chain is as strong as its weakest link’. As a system admin you have to address all vulnerabilities of your server. Since one single untreated vulnerability will be exploited by an attacker and … Read more
ModSecurity SecRemoteRules directive allows the user to load rules from a remote server. Requirements Internet connection ModSecurity at least 2.9.x How SecRemoteRules Works 1. When HTTP daemon starts, it loads the configuration files. 2. Configuration files have the SecRemoteRules directive, which tries to connect the Remote Server load rules. 3. When the connection is created … Read more
Introduction ModSecurity is an open-source Web Application Firewall (WAF) for Apache, Nginx and IIS web server. This application layer firewall is developed by Trustwave’s SpiderLabs and released under Apache License 2.0. ModSecurity protects websites from hackers by using a set of regular expression rules to filter out commonly known exploits, it allows HTTP traffic monitoring, … Read more