Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Hello all. As this is my first official blog entry, let me first start off with a short introduction...
My name is Brian Rectanus (pronounced rec-tan-us, for those curious). As some of you may already know, I was hired by Breach Security, Inc. in February as the primary ModSecurity developer. So far, I have worked on mainly bug-fixes and smaller features in the ModSecurity 1.9.x and 2.1.x branches, but most of my time is being spent on the upcoming version 2.2.0 release. My PGP key for verifying archive signatures can be found on most any PGP keyserver (pgp.mit.edu).
With 2.2.0, Ivan and I will be periodically releasing a development branch that is a stabilized version of the main ModSecurity development branch. This is partially so that users can have access to new features sooner, but is primarily meant to be a means to allow the ModSecurity community to become more involved in the future of ModSecurity as well as to keep ModSecurity as stable as possible for official releases. With the development releases, users will have a chance to preview upcoming changes and provide valuable feedback to the developers before changes, features, configuration syntax, etc. become finalized.
Typically there will be 3-4 development releases followed by release candidates, then a final release. Each development release will enhance upon the previous by adding more features and changes. Once Ivan and I are happy with the changes, I will close the branch to new features and start the release candidates -- with only bug fixes and minor changes -- until the code is stabilized. At that point I will release the final version.
With that, I am happy to announce the general availability of the first development release for ModSecurity version 2.2.0. The source code is available in the download section of the ModSecurity Website. Below is an outline of the new features and changes in this release so far. Please see the documentation included in the release for full details and usage examples. Please direct any comments to the ModSecurity User Support mailing list.
@prepend value
and @append value
to inject content into the output.GEO
collection -- from any existing ModSecurity variable by using the new @geoLookup
operator.@streq
, @beginsWith
and @endsWith
-- to allow an easier-to-use non-regular expression operator. Values will have macros interpreted prior to a match, so that you can do "@streq %{REMOTE_ADDR}"
, etc.t:length
-- transforms a value into a numeric character length.t:trimLeft
, t:trimRight
or t:trim
to trim whitespace from the left, right or both, respectively.RESPONSE_CONTENT_LENGTH
, RESPONSE_CONTENT_TYPE
, and RESPONSE_CONTENT_ENCODING
-- were added.HTTP_HEADER_NAME
variables for request headers. The 2.x REQUEST_HEADERS:Header-Name
should now be used.%0 - %9
TX variables that expanded to numbered captures. Use %{TX.0} - %{TX.9}
instead.Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.