ModSecurity

modsecurity.org

Open Source Web Application Firewall — the Swiss Army Knife of WAFs

Visit
ModSecurity screenshot
/ About /

ModSecurity is an open source, cross-platform web application firewall (WAF) module that provides visibility into HTTP(S) traffic and protection against web application attacks. It features a powerful rules language and API for implementing advanced security protections, and is widely used by businesses, governments, and ISPs across millions of domains. Now under OWASP's custodianship, it integrates tightly with the OWASP Core Rule Set.

/ How it works /

ModSecurity operates as a module that inspects HTTP(S) traffic in real time, applying configurable rule sets (such as OWASP CRS) to detect and block malicious requests.

/ Who it's for /

businesses, government organizations, internet service providers, and web application defenders

/ More info /

Background.

Status
launched
Business model
open-source
Company
OWASP Foundation
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.