Showing 3 results for: January 2006 ×ModSecurity ×

Web application firewalls primer

(IN)SECURE Magazine Issue 1.5 has just been published. I wrote the cover story, titled "Web application firewalls primer". There are two sides to the article. In the first half I deal with the name web application firewall itself, and with...

Web Application Firewall Evaluation Criteria v1 Released

The Web Application Firewall Evaluation Criteria (WAFEC) v1.0 has been released over the weekend. You can get it from here. WAFEC is a well-rounded effort to enumerate the features of web application firewalls (WAFs). I managed the project, but the...

ModSecurity Rules subproject added

If you are a ModSecurity user you may have noticed that I am distributing ModSecurity without any rules. This may seem strange at a first glance, but there is a good reason for it. ModSecurity did, in fact, come with...