Set-based Pattern Matching Example

Large Wordlist Example You will find the greatest benefit of using the set based matching opertors ...

Read More

OWASP London Chapter December 6th Presentations Now Online

We've had a couple of very interesting presentations on the OWASP London Chapter December 6th ...

Read More

Initial Release Candidate for ModSecurity 2.5.0 (2.5.0-rc1)

The first release candidate for the ModSecurity 2.5 release is now available. It has been a while ...

Read More

Using Transactional Variables Instead of SecRuleRemoveById

Using SecRuleRemoveById to handle false positives The SecRuleRemoveById directive is most often ...

Read More

ModSecurity 2.1.4 Now Available

ModSecurity 2.1.4 is the latest stable release of ModSecurity. The 2.1.4 release includes an ...

Read More

Installling ModSecurity

ModSecurity is a really powerful beast. It can do anything you want, at least when what you want ...

Read More

WASC Distributed Open Proxy Honeypot: Blind SQL Injection Attempt (Update)

As some of you may know, I am heading up the WASC Distributed Open Proxy Honeypot Project. The ...

Read More

ModSecurity Training at OWASP/WASC AppSec 2007

I am very excited to announce that I will be instructing a live 2-day ModSecurity Training class at ...

Read More

ModSecurity 2.1.3 Now Available

ModSecurity 2.1.3 is the latest stable release of ModSecurity. The 2.1.3 release contains some ...

Read More

Web Services Security

NIST has released a new guide on securing Web Services. It is a pretty good read for anyone who is ...

Read More

Virtual Patching During Incident Response: United Nations Defacement

Virtual Patching is a policy for a web application firewall (in this case ModSecurity) that is able ...

Read More

ModSecurity 2.1.2 Released

Today I released ModSecurity 2.1.2. This is the latest stable release of ModSecurity. The 2.1.2 ...

Read More

On Your Marks, Get Set, Go: Vulnerability Mitigation Race

In many ways vulnerability remediation is like a Track and Field race and the firing of the ...

Read More

ScallyWhack: ModSecurity Rules Package to Deal with Trac Comment Spam

Michael Renzmann wrote to the ModSecurity mailing list recently announcing project ScallyWhack. ...

Read More

Another ModSecurity Development Release

Last week I released the second ModSecurity development release, 2.5.0-dev2, in preparation for the ...

Read More

Apache Process Infection

A very interesting research paper titled "Apache Prefork MPM Vulnerabilities" was released a few ...

Read More

Optimizing Regular Expressions

As many of you have noticed, the Core Rule Set contains very complex regular expressions. For ...

Read More

Managing ModSecurity Alerts: More Console Tuning

In a previous Blog entry, I outlined a number of steps that you could take to increase performance ...

Read More

Extended Validation Certificates: A Change for the Better (But Not Enough)

On June 12th, 2007, the CA/Browser Forum (a group that consists of leading certificate authorities ...

Read More

Universal PDF XSS Revisited

The Universal PDF XSS vulnerability was a tipping point for most people involved with web ...

Read More

ModSecurity Rule for Full-width/Half-width Unicode Evasion Detection

You have probably heard it by now, but US-CERT released a Vulnerability Note last week entitled ...

Read More

ModSecurity 2.2.0 Development Releases

Hello all. As this is my first official blog entry, let me first start off with a short ...

Read More

ModSecurity Console Performance Tuning

Help, my ModSecurity Community Console is not responding!" Perhaps you have seen this type of email ...

Read More

ModSecurity Migration Matrix

For all of you who are using ModSecurity 1.x and looking for information on migrating to Mod 2.x, ...

Read More

Webinar Featuring WHID on the Top Trends in Web Application Threats

On April 11th I'm going to present a webinar on web application security, with a twist. The Webinar ...

Read More

Regular Expression Development Tools

Since ModSecurity is based on regular expressions. Writing rules requires developing and testing ...

Read More

2.1/1.x Rule Differences For Identifying Missing/Empty Headers and Variables

There are certain scenarios where you might want to create white-listed ModSecurity rulesets which ...

Read More

ModSecurity Console: Purpose and Deployment

If you have more then 1 ModSecurity installation, you have undoubtedly run into issues with ...

Read More