ModSecurity Migration Matrix

For all of you who are using ModSecurity 1.x and looking for information on migrating to Mod 2.x, ...

Read More

Webinar Featuring WHID on the Top Trends in Web Application Threats

On April 11th I'm going to present a webinar on web application security, with a twist. The Webinar ...

Read More

Regular Expression Development Tools

Since ModSecurity is based on regular expressions. Writing rules requires developing and testing ...

Read More

2.1/1.x Rule Differences For Identifying Missing/Empty Headers and Variables

There are certain scenarios where you might want to create white-listed ModSecurity rulesets which ...

Read More

ModSecurity Console: Purpose and Deployment

If you have more then 1 ModSecurity installation, you have undoubtedly run into issues with ...

Read More

ModSecurity ASCIIZ Evasion

It has been brought to our attention that a fault in the ModSecurity parsing code has been ...

Read More

ModSecurity Status Report

I enjoyed talked about ModSecurity (and web application firewalls) in front of the London OWASP ...

Read More

Handling False Positives and Creating Custom Rules

It is inevitable; you will run into some False Positive hits when using web application firewalls. ...

Read More

Dealing with Impedance Mismatch

In my previous post I described a potential problem with web application firewalls protecting web ...

Read More

Testing Core Rules Protection For An Example SQL Injection Vulnerability

SANS released their 6th edition of the @RISK Weekly News Letter. In it, there were a total of 44 ...

Read More

HTTPrint vs. ModSecurity

There was a great email posted to the ModSecurity user mail-list today that asked about ...

Read More

PHP Peculiarities for ModSecurity Users

As I was reviewing the ModSecurity 2.1.0-rc7 Reference Manual I realised it did not contain some ...

Read More

ModSecurity 2.1.0 Improvements

I have just packaged and released ModSecurity for Apache v2.1.0-rc7, in preparation for the first ...

Read More

SANS @Risk Web Vulnerabilities List Mitigation Steps

This is a listing of Web Application Vulnerabilities that were released by SANS in their @RISK ...

Read More

Top 10 Web Hacks of 2006

Jeremiah Grossman gives an excellent overview of the top Web hacks of 2006. If you haven't been ...

Read More

Key Advantages of the Core Rule Set

Following a question on the core rule set on the ModSecuirty mailing list, I would like to list ...

Read More

Using ModSecurity 2 Collections in Rules

A recent posting on the ModSecurity mailing list by K.C. Li is a very good excuse to discuss some ...

Read More

ModSecurity v2.0 Webcast

In response to many of the common questions and issues posted to the mail-list, we at Breach ...

Read More

Talking About ModSecurity 2.0 With Federico Biancuzzi for SecurityFocus

A while ago Federico Biancuzzi contacted me to ask if I'd be interested to give an interview for ...

Read More

ModSecurity Cookie and Link Protection Patch

A significant event occurred on the mod-security-users mailing list in July: a large code ...

Read More

ModSecurity Performance Tip

I was asked recently to investigate performance of an ModSecurity installation in order to see if ...

Read More

Apache Reverse Proxy Memory Consumption Observations

Last week I spent some time stress-testing Apache 2.2.3 configured to work as a reverse proxy. I ...

Read More

ModSecurity 1.9.x Performance Testing

You can tell that I am too busy when I take almost three months to blog about something interesting ...

Read More

Forrester Research Q2 2006 Web Application Firewall Evaluation

Back in March 2006 I was approached by Forrester Research and invited to participate in their Q2 ...

Read More

Yahoo Small Business offers 'ModSecurity-like' functionality

I just came across this and can't help but make a note about it: A web hosting package offered by ...

Read More

ModSecurity 2: Variables, Collections and Transaction Scoring

Variables and collections are concepts new to ModSecurity 2. ModSecurity 1.x does allow you to use ...

Read More

ModSecurity Console Now Available

I love the command line, I do. But there are some tasks where this type of user interface is simply ...

Read More

ModSecurity 2: Explicit Normalisation Options

One of the things I realy dislike in ModSecurity 1.x is that its anti-evasion features are ...

Read More