
ModSecurity

ModSecurity, sometimes called Modsec, is an open-source web application firewall (WAF). Originally designed as a module for the Apache HTTP Server, it has evolved to provide an array of Hypertext Transfer Protocol request and response filtering capabilities along with other security features across a number of different platforms including Apache HTTP Server,[2][3] Microsoft IIS and Nginx.[4] It is free software released under the Apache license 2.0.

ModSecurity
Original author(s): Ivan Ristić
Developer(s): OWASP, formerly Trustwave SpiderLabs
Initial release: November 2002; 21 years ago (2002-11)
Stable release: 3.0.12[1] / 30 January 2024; 2 months ago (30 January 2024)
Repository: github.com/SpiderLabs/ModSecurity
Written in: C++ (3.x), C (2.x)
Available in: English
License: Apache License 2.0
Website: https://owasp.org/www-project-modsecurity/

The platform provides a rule configuration language known as 'SecRules' for real-time monitoring, logging, and filtering of Hypertext Transfer Protocol communications based on user-defined rules.

Although not its only configuration, ModSecurity is most commonly deployed to provide protections against generic classes of vulnerabilities using the OWASP ModSecurity Core Rule Set (CRS).[5] This is an open-source set of rules written in ModSecurity's SecRules language. The project is part of OWASP, the Open Web Application Security Project. Several other rule sets are also available.

To detect threats, the ModSecurity engine is deployed either embedded within the web server or as a proxy server in front of a web application. This allows the engine to scan incoming and outgoing HTTP communications to the endpoint. Depending on the rule configuration, the engine decides how each communication should be handled; its options include the capability to pass, drop, redirect, return a given status code, execute a script, and more.
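
A SecRules configuration showing several of the dispositions listed above (pass, return a status code, redirect, drop) plus inspection of an outgoing response. This is an added example, not taken from the ModSecurity project or the Core Rule Set; the rule ids, paths, address range and redirect URL are constructed placeholders.

```apache
# Added example: ids, paths, the 192.0.2.0/24 range and URLs are placeholders.
SecRuleEngine On
SecRequestBodyAccess On
# Needed so that phase 4 rules can inspect outgoing response bodies.
SecResponseBodyAccess On

# pass: record the match in the log and continue with later rules.
SecRule REQUEST_HEADERS:User-Agent "@rx ^$" \
    "id:100001,phase:1,pass,log,msg:'Empty User-Agent header'"

# return a given status code: reject methods the application never uses.
SecRule REQUEST_METHOD "!@within GET HEAD POST" \
    "id:100002,phase:1,deny,status:405,log,msg:'Method not allowed'"

# redirect: requests for /admin from outside the trusted range go to the
# login page. The disruptive action sits on the first rule of the chain and
# fires only if every chained rule also matches.
SecRule REQUEST_URI "@beginsWith /admin" \
    "id:100003,phase:1,redirect:https://www.example.com/login,log,msg:'Admin path from untrusted address',chain"
    SecRule REMOTE_ADDR "!@ipMatch 192.0.2.0/24"

# drop: close the connection when the declared body size exceeds 10 MiB.
SecRule REQUEST_HEADERS:Content-Length "@gt 10485760" \
    "id:100004,phase:1,drop,log,msg:'Declared request body too large'"

# outgoing traffic: replace a response that leaks a Python stack trace
# with a plain 500 before it reaches the client.
SecRule RESPONSE_BODY "@contains Traceback (most recent call last)" \
    "id:100005,phase:4,deny,status:500,log,msg:'Stack trace in response body'"
```

Running new rules with SecRuleEngine set to DetectionOnly first logs the matches without applying any disruptive action, which shows how often each rule would fire on real traffic before it is enforced.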

History

ModSecurity was first developed by Ivan Ristić, who wrote the module with the end goal of monitoring application traffic on the Apache HTTP Server. The first version, released in November 2002, supported Apache HTTP Server 1.3.x. Starting in 2004, Ivan created Thinking Stone to continue work on the project full-time. While he was working on the version 2.0 rewrite, Thinking Stone was bought by Breach Security, an American-Israeli security company, in September 2006. Ivan stayed on to continue the development of version 2.0, which was subsequently released in October 2006 at the OWASP AppSec conference in Seattle.

Ristić and Breach Security released another major rewrite, version 2.5, with major syntactic changes in February 2008. In December 2008 Ivan left Breach to found SSL Labs. Shortly after Ivan's departure from Breach Security, Trustwave Holdings acquired Breach in June 2010 and relicensed ModSecurity under the Apache license. Development continued and the new license allowed easier integration of ModSecurity into other products. As a result of this there was steady adoption of ModSecurity by various commercial products. The license change also precipitated easier porting of the software. Hence, Microsoft contributed an IIS port in August 2012 and the port for Nginx was released at Black Hat Briefings in 2012.

2017 saw the second edition of the handbook released,[6] written by Christian Folini and Ivan Ristić. It covers ModSecurity up to version 2.9.2.

Because ModSecurity was originally an Apache module, porting it to other platforms was time-consuming and had high maintenance costs. As a result, a complete rewrite was started in December 2015. This new iteration, libmodsecurity, changes the underlying architecture, separating ModSecurity into a standalone engine that communicates with the web server via an API. This modular WAF, which was announced for public use in January 2018,[7] became libmodsecurity (ModSecurity version 3.0) and has supported connectors for Nginx and Apache.

In 2021, Trustwave Holdings announced the End-of-Sale (EOS) of Trustwave support for ModSecurity effective August 1, 2021, and the End-of-Life (EOL) of support effective July 1, 2024. Maintenance of the ModSecurity code was handed over to the open-source community.[8]

References

  1. ^ Error: Unable to display the reference properly. See the documentation for details.
  2. ^ "How to secure your Apache 2 server in four steps". Techrepublic.com. 18 November 2016. Retrieved 7 January 2018.
  3. ^ Shah, Shreeraj. "Securing Web Services with mod_security". O'Reilly Media. Onlamp.com. Archived from the original on 7 January 2018. Retrieved 7 January 2018.
  4. ^ Lardinois, Frederic (23 August 2016). "NGINX Plus's latest release puts the focus on security". Techcrunch.com. Retrieved 7 January 2018.
  5. ^ "OWASP ModSecurity Core Rule Set – The 1st Line of Defense Against Web Application Attacks". Coreruleset.org. Retrieved 7 January 2018.
  6. ^ ModSecurity Handbook. Retrieved 7 January 2018.
  7. ^ "ModSecurity Version 3.0 Announcement". www.trustwave.com. Retrieved 12 September 2019.
  8. ^ "End of Sale and Trustwave Support for ModSecurity Web Application Firewall". trustwave.com. Retrieved 14 October 2021.

External links

  • Official website
  • Official ModSecurity documentation
  • How To Set Up mod_security with Apache on Debian/Ubuntu
  • Linux ModSecurity Introduction and Install guide (archived 2011-08-12 at the Wayback Machine)
  • Searchsecurity.techtarget.com
  • Official github repository
