ModSecurity: New Features (2.6)
Licensing Change - Apache Software License Version 2 (ASLv2)
To facilitate further development and technological enhancements, ModSecurity has moved to Apache Software License v2. This non-viral open source license will now make it easier to implement ModSecurity with existing Apache programs and custom solutions, as well as community users to contribute code updates. This new licensing affects ModSecurity v2.6 and all subsequent code bases.
Improved Detection Only Mode
With the new
Data Modification Capability
Ability to change data on-the-fly, before delivery, in order to better control outgoing content according to security policies.
Malware Link Detection
Added in integration with Google's Safe Browsing (GSB) API to identify known malicious links.
Increased Denial of Service Protection
Added the new
Improved IP Address Handling
Improved Rule Customizations and Exclusions
New Transformation Functions
New transformation functions,
Improved Sensitive Data Tracking
Audit logs can contain a list of all rules that matched (including simple, chained and chain nodes) which provides a more accurate picture of rule processing.
Uploaded File Meta-Data
New Log Part J logs data about uploaded files.