mod_security is an actively maintained web application firewall. From my reading, it looks like it is a filter for processing web requests before they hit a company's main web server. It performs a series of different check and balances: looks at http headers for correctness, does common checks on field content so as to prevent injection attacks, and through a command language, can perform so complex analysis within a request as well as across requests.
Sunday, May 3. 2009
Open Source Site of the Day: ModSecurity -- Open Source Web Application Firewall
Trackbacks
Trackback specific URI for this entry
No Trackbacks