From: Ivan Ristic <ivanr@we...> - 2005-11-30 20:07:06

ModSecurity 1.9.1 has been released. It is available for
immediate download from:

ModSecurity 1.9.1 is a bug-fix release. It fixes four minor
issues discovered in 1.9.

Changes (since 1.9)

* Variables OUTPUT and OUTPUT_STATUS are no longer silently
  accepted (although they don't do anything) in the Apache
  1.3.x version of ModSecurity.
* Relaxed multipart checks to allow the empty multipart body IE
  appears to (sometimes) send.
* Fixed a bug with chained rules and detect-only mode.
* Fixed a bug with FILE_NAME_* and FILE_SIZE_* variables.

ModSecurity is a web application firewall designed to protect
vulnerable applications and reject manual and automated attacks.
It is an open source intrusion detection and prevention system. It
can work embedded in Apache, or as a standalone security device when
configured to work as part of an Apache-based reverse proxy.
Optionally, ModSecurity creates application audit logs, which contain
the full request body in addition to all other details. Requests are
filtered using regular expressions. Some of the things possible are:

* Apply filters against any part of the request (URI,
  headers, either GET or POST)
* Apply filters against individual parameters
* Reject SQL injection attacks
* Reject cross-site scripting attacks
* Store the files uploaded through the web server, and have them
  checked by external scripts

With a few general rules ModSecurity can protect from both known
and unknown vulnerabilities. It excels as a tool for HTTP traffic
monitoring and just-in-time patching.

ModSecurity is dual-licensed. It can be used at no cost under the
terms of GPL v2. Support and commercial licences (for end-users
and OEM distributors) can be obtained from Thinking Stone

Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org