Showing 7 results for: 2017 ×ModSecurity Rules ×

ModSecurity Web Application Firewall - Commercial Rules Update

We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we are highlighting virtual patches...

ModSecurity version 3: Fuzzing as part of the QA

The stability of any given project is often tracked by its maturity, which is generally measured by how old the code is. Even though this may be true a lot of the time, here at Trustwave SpiderLabs we wanted to...

Is ModSecurity's SecRules Turing Complete?

Have you ever seen a rule for ModSecurity? They may look similar to the following: SecRule REQUEST_URI "@endswith example.com/index.html" "id:1,log,deny,redirect:http://modsecurity.org" This rule may look complicated, but it is extremely basic. It says, if you find a URL ending with example.com/index.html...