ModSecurity Cookie and Link Protection Patch

A significant event occurred on the mod-security-users mailing list in July: a large code contribution was made by Daniel Fernndez Bleda and Carles Bonamusa Prez from Internet Security Auditors. The patch, made against ModSecurity 1.9.4, adds cookie and link protection using hashing and encryption. The patch is now available for download from the ModSecurity web site. Please note that the code is not yet production ready and that you should use it for testing purposes only. I expect to merge this code into the official code base soon (targeting the next stable release after 2.0.0).

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.