A milestone reached

I feel like I've reached a new milestone with mod_security. First of all, it is important to note that since Monday my busy period is officially over and I can now spend more time working on mod_security. Second, in the last two weeks I published a new version (1.7), mod_security made it to Slashdot (reaching a wide audience), and my reverse proxy article was published on SecurityFocus (reaching a wide focused audience). Consequently, the number of downloads and visits increased tenfold.

I have also had a vulnerability. Not a big one, but big enough to let me know that I must be very careful from now on: no more late night coding without a plan and more work on testing and quality control.

These events mark the end of the second phase in the life of mod_security. We are slowly entering a third phase - maturity. I've decided to enter maturity with a 2.0 version number. The next version, 1.8, will carry some must-have enhancements, and it will become a solid 2.0 version after a lot of polishing. Yes, polishing is important. I have been running for a while now; it is time to slow down to a walk and think more about the features we already have.

Updated the Snort rules conversion script

The new version of the script to convert Snort rules into mod_security rules is now available (from the same page as before). I initially forgot to escape characters that have a meaning in regular expressions and some rules were preventing Apache from starting.

I have also added these files to the CVS so they will make it into the official distribution starting with v1.8.
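An added illustration of the escaping bug described above, written in Python rather than Perl and not the conversion script's own code. The rules are constructed samples, the function names are hypothetical, Python's `re` stands in for Apache's regex engine, and emitting `SecFilterSelective REQUEST_URI` is an assumption about the output format.

```python
import re

# Constructed Snort-style rules for illustration; not taken from a real rule set.
SAMPLE_RULES = [
    'alert tcp any any -> any 80 (msg:"sample one"; uricontent:"/a.cgi?id=(1"; sid:1000001;)',
    'alert tcp any any -> any 80 (msg:"sample two"; uricontent:"/b|2e|php?x[0]=1"; sid:1000002;)',
    'alert tcp any any -> any 80 (msg:"sample three"; uricontent:"/c|00|"; sid:1000003;)',
]
REGEX_META = set(".^$*+?()[]{}|\\")

def decode_snort_literal(text):
    """Expand Snort |hex| runs; return None if a byte is not printable ASCII."""
    out = []
    for i, part in enumerate(text.split("|")):
        if i % 2 == 0:
            out.append(part)              # plain text outside the pipes
            continue
        for h in part.split():            # inside pipes: space-separated hex bytes
            byte = int(h, 16)
            if not 0x20 <= byte <= 0x7E:
                return None               # cannot be written as a plain literal
            out.append(chr(byte))
    return "".join(out)

def escape_regex(literal):
    """Backslash-escape every character that has a meaning in a regex."""
    return "".join("\\" + c if c in REGEX_META else c for c in literal)

def convert(rule, escape=True):
    """Return one SecFilterSelective line, or None if the rule is skipped."""
    m = re.search(r'uricontent:"([^"]*)"', rule)
    literal = decode_snort_literal(m.group(1)) if m else None
    if literal is None or "\\" in literal:
        return None                       # config quoting of \ and " is out of scope here
    pattern = escape_regex(literal) if escape else literal
    return 'SecFilterSelective REQUEST_URI "%s"' % pattern

def check(directive, text):
    """Try the quoted pattern against text: 'match', 'miss' or 'invalid'."""
    try:
        return "match" if re.search(directive.split('"')[1], text) else "miss"
    except re.error:
        return "invalid"                  # the kind of pattern that stops the server loading

if __name__ == "__main__":
    for rule in SAMPLE_RULES:
        print(convert(rule, escape=False), "->", convert(rule))
```

The unescaped form of the first sample is not a valid regex at all, while the unescaped form of the second loads but never matches the URI it was written for.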

Converted Snort rules to mod_security rules

I wrote a simple Perl script to convert Snort rules to mod_security rules and published the information here. Ryan first found a similar script from the makers of the Zeus web server but it didn't really work right and the licence would allow modification that I decided to write my own. Have fun!


