Hosting Provided By

[ANNOUNCEMENT] mod_security 1.4 released

From: Ivan Ristic <ivanr(at)webkreator.com>
Date: Mon Jan 27 2003 - 14:03:33 EST

Mod_security 1.4 has been released. It is immediately available for download from:

http://www.webkreator.com/mod_security/download/

This is a major release, adding a lot of new features.

About mod_security

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Requests are filtered using regular expressions. Some of the things possible are:

Apply filters against any part of the request (URI, headers, either GET or POST)
Apply filters against individual parameters
Reject SQL injection attacks
Reject Cross site scripting attacks

Changes

This release adds major improvements (the size of the source code grew by 60%), including improved logging (Apache error log, separate debug log, and audit log), two new response actions (execute external program and redirect to a custom URL), new features for selective filtering (variable names and variable values), a regression testing utility and tests, and several bugfixes.

Bye,
Ivan Ristic Received on Mon Jan 27 15:36:44 2003

This message: [ Message body ]
Next message: Ed Tracy (at) Aspect Security: "Re: Generic User password management"
Previous message: Amit Klein: "XS(T) attack variants which can, in some cases, eliminate the need for TRACE"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:48 EDT

Do you need help?