
ModSecurity
ModSecurity is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance, it detects and prevents attacks against...
What is ModSecurity?
ModSecurity is an open source web application firewall. Working embedded in the web server, or standalone as a network appliance, it detects and prevents attacks against web applications.
ModSecurity Screenshots
ModSecurity Features
ModSecurity information
Supported Languages
- English
GitHub repository
- 6,418 Stars
- 1,441 Forks
- 177 Open Issues
- Updated
Comments and Reviews
Tags
- intrusion-detection
- Web Application Security
- web-security
- intrusion-prevention
Recent user activities on ModSecurity
- sterno900 edited ModSecurityst
bilbogh added ModSecurity as alternative(s) to open-appsec
Ola removed ModSecurity as alternative(s) to Cloudflare
My web host NameCheap uses Mod_Security and I must say that I have developed an extremely STRONG dislike for Mod_Security.
It is very possible that Mod_Security has done piles to protect my websites but I have zero evidence of that.
On the other hand, I have piles of evidence of Mod_Security breaking my websites in absolutely insane ways. Today my website broke for a user when they attempted to enter a comment that had "Fred (not Jane) " buried in it. Previously another site I host died because a user dared to upload a post that contained the string "sleep" followed by an "(". I have many examples besides those.
In all cases, Mod_Security simply breaks the web application causing it to fail in ways that are completely meaningless to users. Why should a post that contains "dangerous" data return a 404 error? A 404 error means that the website is broken. Could it not return a more useful server message? Due to the way that Mod_Security breaks your web application users might encounter odd javascript messages or other server failure messages. In all cases, your website appears busted with zero diagnostic options.
Therefore your user legitimately concludes that your website is broken. That makes for very poor customer service.
In addition, there are ZERO notification options for the site owner and some ISPs provide no logs that a website owner can examine. This means that unless your clients are willing to tell you that your website is broken, and explain exactly how they broke it, then you will never find out. Other clients will simply assume that you run a shoddy website and move on.
It is possible that NameCheap's implementation of Mod_Security is problematic but right now I am looking for Mod_Security fixes or alternatives.