ModSecurity Breach

ModSecurity Blog

« EuroFoo Impressions | Main | OSCOM Talks Presentations Uploaded »

Portable web firewall rule format

For some time now I've been working on a portable web firewall rule format as part of the OASIS WAS technical committee. It's been going on for much longer than I anticipated, mainly because there is so much *other* work to do. But that's not necessarily a bad thing. That other stuff I did actually helped me design a better format. You see, my first attempts were overly ambitious and too complicated. They may have been technically more able but it is usually more important for a standard to be simple than foolproof. Just look at HTTP.

Anyway, I've decided to upload the latest version online and seek comments. There are many people/companies involved with web application firewalls so getting a format that really works for all of us is something that interest me a lot. If you are interested first have a look at the informal definition, then the schema, and then at one complete example.


November 2010
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30


Atom Feed



Recent Entries