Search Results for "modsecurity"
Sort By:
Showing 14 open source projects for "modsecurity"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
eProcurement SoftwareeBuyerAssist by Eyvo is a cloud-based procurement solution designed for businesses of all sizes and industries. Fully modular and scalable, it streamlines the entire procurement lifecycle—from requisition to fulfillment. The platform includes powerful tools for strategic sourcing, supplier management, warehouse operations, and contract oversight. Additional modules cover purchase orders, approval workflows, inventory and asset management, customer orders, budget control, cost accounting, invoice matching, vendor credit checks, and risk analysis. eBuyerAssist centralizes all procurement functions into a single, easy-to-use system—improving visibility, control, and efficiency across your organization. Whether you're aiming to reduce costs, enhance compliance, or align procurement with broader business goals, eBuyerAssist helps you get there faster, smarter, and with measurable results.
-
1
ModSecurity
Cross platform web application firewall (WAF) engine for Apache
...Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity SecRules format and apply them to HTTP content provided by your application via Connectors. -
2
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
ModSecurity-nginx is the connector that embeds the ModSecurity v3 (libmodsecurity) web application firewall engine into NGINX. It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. -
3
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
4
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
...The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them automatically to avoid false positives. Supports three kinds of captchas: hCaptcha, reCAPTCHAv2 and reCAPTCHAv3. -
Rent Manager SoftwareRent Manager is award-winning property management software built for residential, commercial, and short-term-stay portfolios of any size. The program’s fully customizable features include a double-entry accounting system, maintenance management/scheduling, marketing integration, mobile applications, more than 450 insightful reports, and an API that integrates with the best PropTech providers on the market.
-
5
tengine-rpm
Tengine RPM for almalinux,a dist of Nginx with some advanced features.
...In short, Tengine is a distribution of Nginx with some advanced features.Tengine does not provide official RPM packages, here to provide unofficial optimized compilation and integration of LuaJIT, ModSecurity, geoip2, and other commonly used modules of the Tengine RPM packages, to facilitate the user to quickly install and configure the web server on the target server. This is a rpm package based on the official package https://tengine.taobao.org/download/tengine-3.1.0.tar.gz, which you can install it for free. The almalinux 9.5-based rpm package can also be used for Red Hat Enterprise Linux (RHEL) and its derivatives, such as CentOS Linux and Rocky Linux. -
6
CacheGuard WAF
Web Application Firewall
...Once installed on a machine, CacheGuard-OS transforms that machine into a network appliance to implement as a link to the internet. CacheGuard-OS is based on a Linux kernel and mainly uses OpenSSL, Apache and ModSecurity and ClamAV. CacheGuard WAF is especially designed to address organization requirements by providing functional and easy to handle Web security solutions. -
7
OpenWAF
Web security protection system based on openresty
...The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information. Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities. -
8
sWAF
A simple Web Application Firewall docker image
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. ... -
9
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
...The project ships with extensive documentation, exclusion packages, and testing tools to help tailor deployment for frameworks, CDNs, and APIs. Deployed on engines such as ModSecurity or compatible WAFs, CRS is a widely used baseline for HTTP security in reverse proxies and gateways. -
Create and run cloud-based virtual machines.Computing infrastructure in predefined or custom machine sizes to accelerate your cloud transformation. General purpose (E2, N1, N2, N2D) machines provide a good balance of price and performance. Compute optimized (C2) machines offer high-end vCPU performance for compute-intensive workloads. Memory optimized (M2) machines offer the highest memory and are great for in-memory databases. Accelerator optimized (A2) machines are based on the A100 GPU, for very demanding applications.
-
10
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it... -
11
w-o-f
Passive or learning mode of web application firewalls to evaluate WAF
...This talk will demonstrates a new concept to evaluate any WAF without taking risk of putting any WAFs into inline mode.Everything will be in learning or in passive mode.This project describes concept of one special engine,which can be used to evaluate any WAFs with zero risk to the end user (website owner),no matter whether its vendor supports Passive mode or not(i.e. modsecurity or naxsi). -
12
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
-
13
...It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So, SuStorID is a host-based Intrusion Detection System, and by means of modsecurity can access internal web server’s data (i.e. http request/response fields) exactly as Apache does.
-
14
- Previous
- You're on page 1
- Next
