Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Selective Filtering

I've just added a new feature to mod_security (CVS, both versions) that allows you to achieve a better control of what gets filtered. Up until now mod_security looked at every single request. Since most static resources (e.g. images) are not vulnerable it is safe to assume that we don't need to look at those types of requests. And, the number of image requests versus (dynamic) page requests is much bigger the savings in CPU cycles are probably quite big.