Security Resources

Software Updates

Announcing ModSecurity versions 3.0.8 and 2.9.6

We are announcing the release of ModSecurity 3.0.8 (libModSecurity) and 2.9.6. These versions contain both new features and bug fixes.

Of note are some updates to request body parsing to prevent certain rule-bypass opportunities. Stay tuned. We are going to release some follow-up blog content providing more details of these items.

New features and security impacting issues

Bug fixes – v2

Bug fixes – v3

Additional information on the releases, including the source and binaries (and hashes/signatures), is available at:

The list of open issues is available on GitHub: https://github.com/SpiderLabs/ModSecurity/issues

Thanks to everybody who helped in this process: reporting issues, making comments and suggestions, sending patches, etc.