First development release of ModSecurity 2.x
It's that time of year again, when I get to work on new features (instead of supporting the old ...
Read MoreIt's that time of year again, when I get to work on new features (instead of supporting the old ...
Read MoreI have just released ModSecurity for Apache 1.9.3-rc1, a release candidate, as I always do when ...
Read MoreI spent some time this week at the EUSecWest conference here in London. EUSecWest is a ...
Read More(IN)SECURE Magazine Issue 1.5 has just been published. I wrote the cover story, titled "Web ...
Read MoreIf you are a ModSecurity user you may have noticed that I am distributing ModSecurity without any ...
Read MoreSome ModSecurity users like to run really large rule sets, where the number of rules runs into ...
Read MoreMy article ("What's New in ModSecurity"), which describes the most important improvements in 1.9, ...
Read MoreOne of the major improvements in the next release of ModSecurity (v2.0) will be the support for a ...
Read MoreFinally. I already wrote about many new features available in this release. Relieved from the ...
Read MoreThe web application firewall (WAF) market is a bit confusing at the moment since it is not clear ...
Read MoreA small number of new features made it into 1.9 at the very last minute. Initially I intended to ...
Read MoreA new beta version of the Apache web server has been released. This release is important because it ...
Read MoreYou may have noticed it's been a while since ModSecurity has had a major release. This does not ...
Read MoreAs some of you may know, I've been working on the portable web application firewall (WAF) rule ...
Read MoreThis version implements the final batch of major improvements to the 1.9.x series. These include a ...
Read MoreA while ago Greg Murray (the Servlet specification lead) asked for ideas for Servlet improvements. ...
Read MoreI have been keeping a list of web security improvement ideas for some time now. It's a list that ...
Read MoreI have made the PHP chapter from Apache Security available for free download. When we made the ...
Read MoreRecently there has been increased interest in the impedance mismatch problem, which occurs between ...
Read MoreIt always pays off to visit Richard Bejtlich's blog once in a while. (Or, even better, subscribe to ...
Read MoreWeb application firewalls have a difficult job trying to make sense of data that passes by, without ...
Read MoreSecond release candidate for mod_security 1.8.7 is available for download. I performed a detailed ...
Read MoreI have just released an updated version of ModSecurity for Java. This version implements the core ...
Read MoreI have been asked to design a mod_security rule to protect sites from the recent PHPBB worm. Now, I ...
Read MoreFor some time now I've been working on a portable web firewall rule format as part of the OASIS WAS ...
Read MoreThey've been very quiet for a number of months and now you know what they have been doing - working ...
Read MoreApplication Vulnerability Description Language (AVDL) has been approved as an OASIS standard last ...
Read MoreO'Reilly have a new book out: Network Security Hacks. It is a really good book (I read it on Safari ...
Read More