ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
changes version 2.7.0 :
* Fixed Pause action should work as a disruptive action (MODSEC-297).
* Fixed Problem loading mod_env variables in phase 2 (MODSEC-226).
* Fixed Detect cookie v0 separator and use it for parsing (MODSEC-261).
* Fixed Variable REMOTE_ADDR with wrong IP address in NGINX version (MODSEC-337).
* Fixed Errors compiling NGINX version.
* Added Include directive into standalone module. IIS and NGINX module should
support Include directive like Apache2.
* Added MULTIPART_INVALID_PART flag. Also used in rule id 200002 for multipart strict
validation.
* Updated Reference Manual.
Download latest Version :
Microsoft IIS : ModSecurityIIS_2.7.0.msi (3.1 MB)
Apache : modsecurity-apache_2.7.0.tar.gz (1.0 MB)
Download other version |
For more information & source -
http://www.modsecurity.org/
Previous posts regarding ModSecurity -
http://santoshdudhade.blogspot.in/2012/04/what-ismodsecurity-or-modsecurity.html
http://santoshdudhade.blogspot.in/2012/09/modsecurity-270-rc3-candidate-released.html
http://santoshdudhade.blogspot.in/2012/04/secure-apache-2x-web-server-with.html
http://santoshdudhade.blogspot.in/2012/07/mod-security-v267.html
http://santoshdudhade.blogspot.in/2012/06/modsecurity-v270-rc1.html
0 comments:
Post a Comment