ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the "Swiss Army Knife" of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a powerful rules language and API to implement advanced protections.


Live Wiki Documentation

The Wiki Documentation will always be the most up-to-date.


Web Application Defender's Cookbook

The Web Application Defender's Cookbook: Battling Hackers and Protecting Users is a book written by the ModSecurity Project Lead and OWASP ModSecurity Project Lead Ryan Barnett. The book outlines critical defensive techniques to protect web applications and includes example ModSecurity rules/scripts.


ModSecurity Handbook: Getting Started Guide is a free short book (about 100 pages) that consists of the first 4 chapters of ModSecurity Handbook. It contains everything you need to know to install and configure ModSecurity.
If you like the book, you may consider purchasing the full edition here.


ModSecurity 2.5 is "A complete guide to using ModSecurity", written by Magnus Mischel. The book is available from Packt Publishing in both hardcopy and digital forms.


Apache Security is a comprehensive Apache Security resource, written by Ivan Ristic for O'Reilly. Two chapters (Apache Installation and Configuration and PHP) are available as a free download, as are the Apache security tools created for the book.


Preventing Web Attacks with Apache. Building on his groundbreaking SANS presentations on Apache security, Ryan C. Barnett reveals why your Web servers represent such a compelling target, how significant exploits are performed, and how they can be defended against.

Contributed Documentation

Our articles

  1. Securing Web Services with ModSecurity 2 (May 18, 2007)
  2. Ajax Fingerprinting and Filtering with ModSecurity 2 (May 18, 2007)
  3. What's New in ModSecurity (December 1, 2005), overview of the features new to ModSecurity 1.9. Published on O'Reilly Network.
  4. Introducing mod_security (November 26, 2003). Published on O'Reilly Network.
  5. Web Security Appliance With Apache and mod_security (October 21, 2003). Published on SecurityFocus.

External articles

  1. Protegendo Webservers (apache) com o Mod_Security no FreeBSD (Portuguese; Vomicae Alan)
  2. ModSecurity for Apache 1.9 Reference Manual in Turkish (Bedirhan Urgun)
  3. ModSecurity article in O3 Magazine
  4. Advanced Web Application Defense with ModSecurity (ZIP, Daniel Fernandez Bleda & Christian Martorella)
  5. Introduction to ModSecurity (Persian, translated by Alan Baghumian)
  6. Securing Web Services with mod_security (Shreeraj Shah for O'Reilly Network)
  7. Firewall de Aplicaciones con Mod_Security (Spanish, Christian Martorella)
  8. Apache + mod_ssl + mod_security + PHP4 installation guide (Spanish; Jose Alonso Cardenaz Marguez)
  9. Locking down your Apache Web Server with mod_security (PPT; Hans Kind, FlyingServers)
  10. mod_security for protecting your blog (Anil, Six Apart)
  11. (Peter R. Wood)
  12. The 80/20 Rule for Web Application Security (Jeremiah Grossman, WASC)
  13. Defending Web Services using ModSecurity (Shreeraj Shah, InfosecWriters)
  14. An introduction to mod_security (Atomic Playboy)
  15. mod_security rule generator (Noel Jackson)
  16. Enhancing Apache with mod_security (Joel A. Gallegos, FedoraNEWS)
  17. ModSecurity - An Intrusion Prevention Module for Apache (PDF, Ryan C. Barnett, SANS)
  18. Better Living Through Mod Security by Dhillon A. K. Introduces a PHP utility that parses the audit log and puts it into the database.
  19. ModSecurity documentation in Japanese by Hiroe.