Open source web application firewall engine for Apache, IIS, and Nginx
- Stars9.7k
- Forks1.7k
- Open Issues310
Apache-2.0
- C++
- M4
- Makefile
About ModSecurity
ModSecurity is a web application firewall engine that inspects HTTP traffic and applies rules to protect web applications from a range of attacks. It loads and interprets rules written in the ModSecurity SecRules format, then applies them to HTTP content.
The engine supports HTTP traffic monitoring, logging, and real-time analysis, with an event-based programming language for request handling and intervention decisions. The v3 library, libmodsecurity, removes the Apache dependency and connects to web servers through separate connectors for Apache, IIS, and Nginx.
ModSecurity v3 is a complete rewrite of the platform, while ModSecurity for Apache v2.x remains under maintenance. It is written in C++ and builds on Linux, macOS, and other Unix-like systems.
Key features
- Loads and interprets ModSecurity SecRules
- Applies rules to HTTP content via connectors
- HTTP traffic monitoring, logging, and real-time analysis
- Event-based programming language for request handling
- Separate connectors for web server integration
Details
- On GitHub since
- 2011
- Platforms
- Linux · macOS · Unix
- Self-hosting
- Library and connectors run on your servers
- Architecture
- libmodsecurity plus connectors
- Web servers
- Apache · IIS · Nginx
- Governance
- OWASP ModSecurity project