Web application firewall¶
Introduction¶
ModSecurity is an open-source web application firewall (WAF) designed to protect web applications from a wide range of attacks, including SQL injection, cross-site scripting (XSS), and other OWASP Top 10 threats. It works by monitoring HTTP traffic in real-time, applying customizable security rules to detect and block malicious requests. Often used with web servers like Apache, Nginx, and IIS, ModSecurity helps enhance security by providing deep traffic inspection, logging, and virtual patching capabilities.