ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
New features
Bug fixes
Security Impacting Issues
Enhancements
Bug fixes
Notes
New features
Bug fixes
Security issue
Bug fixes
Improvements
New features
Bug fixes
Improvements
.la' instead of
.a' file
[Issue #1853 - @ste7677, @victorhora, @zimmerle]Bug fixes
New features
Bug fixes
Improvements
Bug fixes
Improvements
This is the first release candidate for ModSecurity version 3.
If you are not familiar with ModSecurity version 3, most likely this release is not what you are looking for. For the Apache module please refer to the v2.x releases.
There is no change log as this is the first release candidate. The goal was to mimic the version 2 most popular functionalities.
In order to use this library within your webserver, you need use a compatible connectors: ModSecurity-nginx, ModSecurity-apache.
Further information about this release can be found in our wiki: ModSecurity-version-3-RC1
Bug fixes
Security Issues