Securing web applications with modsecurity on Debian Wheezy
Mod-security is a (third party) module of Apache (recently Microsoft IIS και NGINX) offering intrusion detection and (some kind of) prevention for web applications, acting as a web application firewall. The modsecurity module created by Ivan Ristic (writer of the relevant book ), but, now, is actually a service of Trustwave . Indicative types of attacks: SQL injection attacks XSS cross-site scripting path traversal attacks file inclusion Denial of service (DOS) attack (experimental) Brute force attack (experimental)