Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×
Open Source

Submission + - Open Source WAF ModSecurity Adds IIS, Ngix Support (

wiredmikey writes: ModSecurity, the highly popular open source Web Application Firewall, largely found on Apache deployments, has finally come to IIS thanks to a collaboration between Microsoft and Trustwave. In addition, Trustwave also announced that Nginx would also be supported by the ModSecurity project.

ModSecurity is a standard webserver defense, leveraging pre-defined rules that prevent scores of Web-based attacks, which can be both automated and manual. Over the years, ModSecurity has been maintained by a large community of developers, rule writers, and engineers from Trustwave. Yet, for the longest time it was only available for Apache.

Granted, Apache is widely used online, and is the world’s largest webserver platform. But plenty of IIS and Nginx deployments exist online, and many have been targeted by attacks that would have been stopped by even the most basic of ModSecurity rules. Now, server admins have the option to layer their defenses and enjoy the benefits of a Web Application Firewall for free.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Open Source WAF ModSecurity Adds IIS, Ngix Support

Comments Filter:

Leveraging always beats prototyping.