From Wikipedia, the free encyclopedia
  (Redirected from Mod security)
Jump to: navigation, search
Stable release 2.9.0 / 12 February 2015; 6 months ago (2015-02-12)
Available in English
License BSD license

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server, IIS and NGINX. ModSecurity is a web application layer firewall. ModSecurity is free software released under the Apache license 2.0.

ModSecurity is one of the apache server modules that provides a complete website protection by defending hackers and other malicious attacks.[1] It is a set of rules with regular expressions that helps to instantly ex-filtrate the commonly known exploits.[2] Modsecurity obstructs the processing of invalid data (code injection attacks) to reinforce and nourish server's security.[3]


On February 13, 2013, a comparative penetration testing analysis report was published by Zero Science Lab, showing that ModSecurity is more effective than CloudFlare and Incapsula, but it has more false positives than Incapsula.[4][5]

External links[edit]