ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the "Swiss Army Knife" of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

Pre-Packaged, Binary Installation

The easiest method of installing ModSecurity is to use your existing OS Package Manager application (Yum or Aptitude) to install it from your default OS Repository.

Installation - Ubuntu/Debian

$ sudo apt-get install libapache2-mod-security
$ sudo a2enmod mod-security
$ sudo /etc/init.d/apache2 force-reload

Installation - Fedora/CentOS

$ sudo yum install mod_security
$ sudo /etc/init.d/httpd restart

Installation - Microsoft IIS (MSI Installer)

Installation information for IIS

Source Code Downloads

ModSecurity is an open source product licensed under ASLv2. It comes with full source code and documentation. Current releases are signed by Breno Silva. These public keys are available via most PGP key server mirrors.

ModSecurity for Apache (Stable Release Quality)

Installation information for Apache

ModSecurity for Nginx

NOTE: The Nginx module is contained within the Apache archive package. You must first compile ModSecurity with the --enable-standalone-module flag and then compile the Nginx code to use it. See the Blog post for more information.

NOTE: Some instabilities in the Nginx add-on have been reported (see the Github issues page for details). Please use the "nginx_refactoring" branch where possible for the most up to date version and stay tuned for the ModSecurity version 4.