Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

ModSecurity 2.1.2 Released

Today I released ModSecurity 2.1.2. This is the latest stable release of ModSecurity. The 2.1.2 release contains several small updates. Users are encouraged to upgrade.

Notable changes as follows:

  • Full-width Unicode is now decoded by the urlDecodeUni transformation function.
  • Under some conditions (notably with mod_deflate and some other filters) earlier versions of ModSecurity were not correctly intercepting requests that used internal subrequests.
  • Core Rules were updated to the latest version (1.4.3).
  • Avoid using the hidden visibility attribute on functions when building on Solaris and under Cygwin.
  • Some sections of the documentation have been enhanced and/or clarified.
  • The license has been clarified to be GPLv2.
  • Copyright notices were changed to Breach Security, Inc.

As always, send questions/comments to the user mailing list. You can get the latest release, documentation and subscribe to the user mailing list from the ModSecurity web site, See the CHANGES file in the distribution for a full list of changes.

Recent SpiderLabs Blog Posts