ModSecurity: Certified Rules

Overview

Intrusion detection and prevention systems often rely heavily on rules designed to detect known product vulnerabilities. This approach does not work equally well in the web application space because most web applications are custom designed. With the Certified ModSecurity Rules collection we are addressing this problem on two levels:

  1. Hardening web server and application configuration.
  2. Detecting common web application security issues.

Web Server Hardening

Rules on this level are designed to harden web server and application configuration. They reduce the attack surface and implement generic request validation. They are heavily commented to allow them to be used as a step-by-step deployment guide for ModSecurity.

Common Web Application Security Issues

Rules on the second level address common web application security issues, the kind that can appear in any web application. Some of the issues addressed are:

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • OS Command execution
  • Remote code inclusion
  • LDAP Injection
  • SSI Injection
  • Information leak
  • Buffer overflows
  • File disclosure

Specific Product Vulnerabilities

Although the focus of Certified ModSecurity Rules is on web server hardening and defence against custom-crafted attacks, we do include a certain number of rules that are designed to detect specific problems in widely deployed applications. Customers can also nominate the products they are using for inclusion in the pool of applications we track.
